Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Patch now: Microsoft details active exploitation of Hyper-V zero-days

These vulnerabilities, affecting Microsoft Windows versions 10, 11, and Server 2025, are categorized as elevation of privileges issues

byKerem Gülen
January 16, 2025
in Cybersecurity, News
Home News Cybersecurity

Microsoft has confirmed the active exploitation of three new zero-day exploits affecting Windows systems, amidst ongoing security concerns such as the end of support for Windows 10 and an increase in cyberattacks. These vulnerabilities are identified as CVE-2025-21335, CVE-2025-21333, and CVE-2025-21334, specifically targeting Hyper-V.

Microsoft confirms three zero-day exploits targeting Hyper-V

In its latest Patch Tuesday release, Microsoft detailed a substantial update addressing 159 vulnerabilities, including 12 critical issues and a total of eight zero-days, three of which are currently under active exploitation. Tyler Reguly, associate director of security research and development at Fortra, emphasized the need for administrators to reassess their security strategies in light of these vulnerabilities.

These vulnerabilities, affecting Microsoft Windows versions 10, 11, and Server 2025, are categorized as elevation of privileges issues. Kev Breen, senior director of threat research at Immersive Labs, noted that these exploits could allow attackers, who have already gained access through methods such as phishing, to escalate their privileges to SYSTEM level permissions on compromised devices.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.


Citrix SRA bug prevents Windows updates: Here’s how to fix it


Chris Goettl, vice president of security product management at Ivanti, affirmed that these vulnerabilities require critical prioritization due to their potential impact.

Mike Walters, president and co-founder of Action1, outlined the significant risks posed by these zero-day exploits for organizations using Hyper-V, which is integral to various systems, including data centers and cloud providers. The potential impacts include:

  • Accessing and manipulating virtual machines on the host.
  • Stealing sensitive data or credentials.
  • Moving laterally within the network to target other systems.
  • Disrupting critical services by modifying configurations or deploying malicious code.

Given the nature of these vulnerabilities, Walters recommended that Windows users prioritize applying the available security updates. He also advised organizations to enhance their security posture by restricting local access, enforcing strong authentication, and segmenting critical systems.


Featured image credit: Windows/Unsplash

Tags: MicrosoftWindows

Related Posts

Psychopathia Machinalis and the path to “Artificial Sanity”

Psychopathia Machinalis and the path to “Artificial Sanity”

September 1, 2025
GPT-4o Mini is fooled by psychology tactics

GPT-4o Mini is fooled by psychology tactics

September 1, 2025
AI reveals what doctors cannot see in coma patients

AI reveals what doctors cannot see in coma patients

September 1, 2025
Asian banks fight fraud with AI, ISO 20022

Asian banks fight fraud with AI, ISO 20022

September 1, 2025
Android 16 Pixel bug silences notifications

Android 16 Pixel bug silences notifications

September 1, 2025
Azure Integrated HSM hits every Microsoft server

Azure Integrated HSM hits every Microsoft server

September 1, 2025

LATEST NEWS

Psychopathia Machinalis and the path to “Artificial Sanity”

GPT-4o Mini is fooled by psychology tactics

AI reveals what doctors cannot see in coma patients

Asian banks fight fraud with AI, ISO 20022

Android 16 Pixel bug silences notifications

Azure Integrated HSM hits every Microsoft server

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.