CVE-2025-21334 - Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

Vulnerability Name

Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

Description

Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21334

https://nvd.nist.gov/vuln/detail/CVE-2025-21334

Related News Articles

3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security UpdateJanuary 15, 2025

Microsoft Rings in 2025 With Record Security UpdateJanuary 15, 2025

Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flawsJanuary 15, 2025