CVE-2025-21335 - Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CVE-2025-21335: Microsoft | Windows

Date Added:
2025-01-14

Due Date:
2025-02-04

Vulnerability Name: Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

Description: Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21335 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21335

Related News Articles

3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security UpdateJanuary 15, 2025

Microsoft Rings in 2025 With Record Security UpdateJanuary 15, 2025

Free online web security scanner

Don't show website scan report rating on the leaderboard