February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs

This CrowdStrike advisory summarizes multiple Microsoft security fixes including actively exploited zero-days (e.g., CVE-2025-21418, CVE-2025-21391), several critical remote code execution vulnerabilities (notably an unauthenticated LDAP RCE CVE-2025-21376), and other high-impact issues such as NTLMv2 hash disclosure, Excel RCE, and DHCP client RCE; it provides CVSS scores, impact descriptions, urgent patching and mitigation guidance (for example restricting RPCs to Active Directory servers), and points to the Falcon platform dashboard for tracking affected systems.