Tech News
Microsoft Released Huge Patch Tuesday Update For January 2025
The Patch Tuesday update for January 2025 from Microsoft is substantial, with over 150 security fixes. It even addresses some actively exploited flaws, requiring prompt system updates from the users.
Microsoft Patch Tuesday January 2025 Overview
Microsoft’s first security updates for this year include several important security fixes addressing serious vulnerabilities. The most noteworthy include the following actively exploited or publicly disclosed vulnerabilities.
- CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 (important; CVSS 7.8): Privilege escalation vulnerabilities in Hyper-V NT Kernel Integration Virtual Service Provider (VSP). An attacker could exploit the flaws to gain SYSTEM privileges on the target device. Microsoft confirmed detecting active exploitation attempts for these vulnerabilities prior to a fix.
- CVE-2025-21186, CVE-2025-21366, CVE-2025-21395 (important; CVSS 7.8): Arbitrary code execution vulnerabilities in Microsoft Access. A remote attacker could exploit these flaws to execute arbitrary codes locally on the target machine. Exploiting the flaw merely required social engineering techniques, such as sending malicious emails, to trick the victim user into downloading or opening a maliciously crafted file. Microsoft confirmed public disclosure of these vulnerabilities before the fix, but the flaws escaped active exploitation.
- CVE-2025-21275 (important; CVSS 7.8): A publicly disclosed privilege escalation vulnerability in Windows App Package Installer allowing SYSTEM privileges to an adversary.
- CVE-2025-21308 (important; CVSS 6.5): A spoofing vulnerability in Windows Themes. While Microsoft urges users to update their systems as soon as possible for this flaw, they even recommended mitigation to prevent the threat – blocking NTLM hash via group policy. Besides, this vulnerability doesn’t affect systems with disabled NTLM.
Alongside these vulnerabilities, Microsoft also addressed 11 critical severity flaws and 140 important severity issues across different products. These include 47 remote code execution, 33 privilege escalation, 19 denial-of-service flaws, 21 information disclosure, 15 security feature bypass flaws, and 4 spoofing vulnerabilities.
While Microsoft ensured the automatic rollout of January 2025 Patch Tuesday updates to eligible devices, users should still check their systems manually for any updates to avoid potential threats.
Let us know your thoughts in the comments.
Victor Wembanyama Prepares to Become ‘Genuine’ Face of the N.B.A.
Bengaluru Airport recognised as India’s first airport to achieve ACI accessibility accreditation, BA
Kingdom Come: Deliverance II Preview
Microsoft Released Huge Patch Tuesday Update For January 2025
The future of AI is even more fossil fuels
India always open to legitimate return of undocumented Indians: Jaishankar
Witness heard accused admit to killing his ex-wife for cheating, Ontario court hears
I know Nintendo won’t do it, but I really hope the Switch 2 brings back the DS’ best feature
Best Samsung Galaxy S25 pre-order deals: Secure the phone today, for less
Samsung’s new Galaxy AI features want to use your phone for you
Singapore Airlines CEO set to join board of Air India, BA News, BA
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
The Top 20 Motivational Instagram Accounts to Follow (2024)
Satisfy Your Meat and BBQ Cravings While in Texas
Soccer team’s drone at center of Paris Olympics spying scandal
Have Unlimited Korean Food at MANY Unlimited Topokki!
15 Best Magnetic Tile Race Tracks for Kids!
Croatia to reintroduce compulsory military draft as regional tensions soar
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
15 of the Best Trike & Tricycles Mums Recommend
-
Destination4 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Tech News8 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Motivation8 months agoThe Top 20 Motivational Instagram Accounts to Follow (2024)
-
Guides & Tips6 months ago
Satisfy Your Meat and BBQ Cravings While in Texas
-
Tech News6 months agoSoccer team’s drone at center of Paris Olympics spying scandal
-
Guides & Tips6 months ago
Have Unlimited Korean Food at MANY Unlimited Topokki!
-
Toys6 months ago15 Best Magnetic Tile Race Tracks for Kids!
-
Breaking News5 months agoCroatia to reintroduce compulsory military draft as regional tensions soar