news 
Microsoft has issued a critical warning to all Windows users, confirming that three zero-day exploits are currently being used in ongoing cyberattacks. The revelation comes as part of the company’s latest Patch Tuesday security updates, which includes 159 vulnerabilities, with a staggering 12 deemed “critical” and a further eight marked as zero-days.
These newly discovered zero-day exploits, identified as CVE-2025-21335, CVE-2025-21333, and CVE-2025-21334, impact the Hyper-V component of Windows operating systems. Specifically, they are classified as elevation of privileges issues, allowing attackers to gain SYSTEM level permissions on infected devices.
The implications of such an attack are significant, with experts warning that nation-state actors and ransomware operators could exploit these vulnerabilities to elevate their access levels, granting them the ability to steal sensitive data or credentials, move laterally within the network, disrupt critical services, or deploy malicious code.
“We’re looking at a situation where attackers can gain SYSTEM level permissions, which is a game-changer,” said Kev Breen, senior director of threat research at Immersive Labs. “These zero-day exploits should be top priority for patching this month.”
The affected Windows versions include Microsoft Windows 10, Windows 11, and Server 2025, with experts advising that these vulnerabilities warrant “risk-based prioritization” and should be treated as Critical.
Chris Goettl, vice president of security product management at Ivanti, emphasized the severity of the situation, stating that “organizations relying on Hyper-V, including data centers, cloud providers, enterprise IT environments, and development platforms are at risk.”
Mike Walters, president and co-founder of Action1, warned of the potential impacts of these zero-day exploits, highlighting the dangers of:
* Accessing and manipulating virtual machines on the host
* Stealing sensitive data or credentials
* Moving laterally within the network to target other systems
* Disrupting critical services by modifying configurations or deploying malicious code
In light of this critical warning, Windows users are urged to treat this month’s Patch Tuesday as a matter of high importance. Applying available security updates should be prioritized immediately, and organizations are advised to strengthen their security posture by restricting local access, enforcing strong authentication, and segmenting critical systems.
The consequences of failing to act swiftly could have devastating effects on an organization’s security and reputation. It is crucial that users do not underestimate the severity of these zero-day exploits and take immediate action to mitigate the risks associated with this vulnerability.
Source: www.forbes.com
