CVE-2025-21391 - Microsoft Windows Storage Link Following Vulnerability

: Microsoft | Windows

Date Added:
2025-02-11

Due Date:
2025-03-04

Vulnerability Name: Microsoft Windows Storage Link Following Vulnerability

Description: Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21391

Related News Articles

Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active ExploitationFebruary 12, 2025

Microsoft's February Patch a Lighter Lift Than January'sFebruary 12, 2025

Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flawsFebruary 12, 2025

Free online web security scanner

Don't show website scan report rating on the leaderboard