Skip to content
BLOG

Patch Tuesday February 2025

Brock Bingham candid headshot
Brock Bingham|February 11, 2025
Orange themed Patch Tuesday banner image
Orange themed Patch Tuesday banner image
Sections

Welcome to our Patch Tuesday recap for February 2025. This is perhaps the most emotionally complex week of the year for sysadmins. First, you’re either stoked or bummed about the Super Bowl outcome, depending on if you’re an Eagles or a Taylor Swift fan. Now, we’ve got a stressful day of patching to deal with. And to top it off, we’ve only got one day left to prep for and not screw up another Valentine's Day. Adulting is hard stuff.

Let’s get into the patch notes.

  • Total exploits patched: 60

  • Critical patches: 3

  • Already known or exploited: 5

Some highlights (or lowlights)

  • CVE-2025-21379: First up is CVE-2025-21379. This is a man-in-the-middle, or "machine-in-the-middle," attack affecting DHCP traffic. As such, an attacker would need to be on the same logical network to initiate this attack and potentially read or modify network communications.

  • CVE-2025-21381: Next up, we've got everyone’s favorite Microsoft Office utility, Excel. That's right: Our beloved Excel is under attack with a new remote code execution (RCE) vulnerability labeled CVE-2025-21381. This is essentially a phishing attack that requires users to download a malicious Excel file; however, they don't even need to launch it. The attack can initiate from the preview pane in File Explorer. I wouldn't care so much if they were picking on Word, but come on. Excel doesn't deserve this!

  • CVE-2025-21376: Lastly, but probably not for the last time, we have CVE-2025-21376, which is an LDAP vulnerability. I think it was last month that I mentioned that LDAP is turning into the new PrintNightmare. Looks like I was right! This new vulnerability does have a high attack complexity and requires the attacker to win a race condition, but that's not enough to help me sleep soundly at night, so make sure to get this patched as soon as possible.

Wrapping up

While this was a lighter month for patching, word on the street is that Microsoft is forcing the new Outlook on users in a security update starting today. On top of that, they’re also enforcing strong certificate mapping starting today, which is sure to break a lot of stuff, especially since the communication on this change seemed minimal at best. If you find yourself buried in support tickets and calls because of these changes, there should be a registry change you can make to delay this requirement, but only until later this year.

Happy patching and have a great Valentine’s Day to all our sysadmin friends out there!

Loading...

Brock Bingham candid headshot
Brock Bingham

Born in the '80s and raised by his NES, Brock quickly fell in love with everything tech. With over 15 years of IT experience, Brock now enjoys the life of luxury as a renowned tech blogger and receiver of many Dundie Awards. In his free time, Brock enjoys adventuring with his wife, kids, and dogs, while dreaming of retirement.

Related articles

General lightBlue suitcase

Best 2025 tech and IT conferences for sysadmin and IT professionals

GENERAL IT

Green PDQ Connect logo on vintage computer

How MSPs manage Windows updates in PDQ Connect

PRODUCT

Patch Tuesday October 2023

Patch Tuesday January 2025

SECURITY