CVE-2025-21391 - Microsoft Windows Storage Link Following Vulnerability
Project:Microsoft
Product:Windows
Date Added:2025-02-11Due Date:2025-03-04
Vulnerability Name
Microsoft Windows Storage Link Following Vulnerability
Description
Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391
https://nvd.nist.gov/vuln/detail/CVE-2025-21391
Related News Articles
Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active ExploitationFebruary 12, 2025
Microsoft's February Patch a Lighter Lift Than January'sFebruary 12, 2025
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flawsFebruary 12, 2025