CVE-2025-21334 - Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Project:Microsoft
Product:Windows
Date Added:2025-01-14Due Date:2025-02-04
Vulnerability Name
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Description
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21334
https://nvd.nist.gov/vuln/detail/CVE-2025-21334
Related News Articles
3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security UpdateJanuary 15, 2025
Microsoft Rings in 2025 With Record Security UpdateJanuary 15, 2025
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flawsJanuary 15, 2025
