Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Patch now: Microsoft details active exploitation of Hyper-V zero-days

These vulnerabilities, affecting Microsoft Windows versions 10, 11, and Server 2025, are categorized as elevation of privileges issues

byKerem Gülen
January 16, 2025
in Cybersecurity, News
Home News Cybersecurity

Microsoft has confirmed the active exploitation of three new zero-day exploits affecting Windows systems, amidst ongoing security concerns such as the end of support for Windows 10 and an increase in cyberattacks. These vulnerabilities are identified as CVE-2025-21335, CVE-2025-21333, and CVE-2025-21334, specifically targeting Hyper-V.

Microsoft confirms three zero-day exploits targeting Hyper-V

In its latest Patch Tuesday release, Microsoft detailed a substantial update addressing 159 vulnerabilities, including 12 critical issues and a total of eight zero-days, three of which are currently under active exploitation. Tyler Reguly, associate director of security research and development at Fortra, emphasized the need for administrators to reassess their security strategies in light of these vulnerabilities.

These vulnerabilities, affecting Microsoft Windows versions 10, 11, and Server 2025, are categorized as elevation of privileges issues. Kev Breen, senior director of threat research at Immersive Labs, noted that these exploits could allow attackers, who have already gained access through methods such as phishing, to escalate their privileges to SYSTEM level permissions on compromised devices.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.


Citrix SRA bug prevents Windows updates: Here’s how to fix it


Chris Goettl, vice president of security product management at Ivanti, affirmed that these vulnerabilities require critical prioritization due to their potential impact.

Mike Walters, president and co-founder of Action1, outlined the significant risks posed by these zero-day exploits for organizations using Hyper-V, which is integral to various systems, including data centers and cloud providers. The potential impacts include:

  • Accessing and manipulating virtual machines on the host.
  • Stealing sensitive data or credentials.
  • Moving laterally within the network to target other systems.
  • Disrupting critical services by modifying configurations or deploying malicious code.

Given the nature of these vulnerabilities, Walters recommended that Windows users prioritize applying the available security updates. He also advised organizations to enhance their security posture by restricting local access, enforcing strong authentication, and segmenting critical systems.


Featured image credit: Windows/Unsplash

Tags: MicrosoftWindows

Related Posts

From Pilot to Policy: RYT Gathers Global Leaders at TOKEN2049

From Pilot to Policy: RYT Gathers Global Leaders at TOKEN2049

September 23, 2025
Nvidia and OpenAI announce landmark 0 billion partnership, igniting global stock rally

Nvidia and OpenAI announce landmark $100 billion partnership, igniting global stock rally

September 23, 2025
Perplexity Max gets email assistant for Gmail and Outlook

Perplexity Max gets email assistant for Gmail and Outlook

September 23, 2025
Germany seeks to block Apple, Google from EU’s FiDA

Germany seeks to block Apple, Google from EU’s FiDA

September 23, 2025
Created by Humans licenses author content to AI firms

Created by Humans licenses author content to AI firms

September 23, 2025
Sentinelone finds malterminal malware using OpenAI GPT-4

Sentinelone finds malterminal malware using OpenAI GPT-4

September 23, 2025

LATEST NEWS

From Pilot to Policy: RYT Gathers Global Leaders at TOKEN2049

Nvidia and OpenAI announce landmark $100 billion partnership, igniting global stock rally

Perplexity Max gets email assistant for Gmail and Outlook

Germany seeks to block Apple, Google from EU’s FiDA

Created by Humans licenses author content to AI firms

Sentinelone finds malterminal malware using OpenAI GPT-4

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.