CVE-2025-21391 - Microsoft Windows Storage Link Following Vulnerability

Vulnerability Name

Microsoft Windows Storage Link Following Vulnerability

Description

Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391

https://nvd.nist.gov/vuln/detail/CVE-2025-21391

Related News Articles

Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active ExploitationFebruary 12, 2025

Microsoft's February Patch a Lighter Lift Than January'sFebruary 12, 2025

Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flawsFebruary 12, 2025