Tech News
Microsoft Released Huge Patch Tuesday Update For January 2025
The Patch Tuesday update for January 2025 from Microsoft is substantial, with over 150 security fixes. It even addresses some actively exploited flaws, requiring prompt system updates from the users.
Microsoft Patch Tuesday January 2025 Overview
Microsoft’s first security updates for this year include several important security fixes addressing serious vulnerabilities. The most noteworthy include the following actively exploited or publicly disclosed vulnerabilities.
- CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 (important; CVSS 7.8): Privilege escalation vulnerabilities in Hyper-V NT Kernel Integration Virtual Service Provider (VSP). An attacker could exploit the flaws to gain SYSTEM privileges on the target device. Microsoft confirmed detecting active exploitation attempts for these vulnerabilities prior to a fix.
- CVE-2025-21186, CVE-2025-21366, CVE-2025-21395 (important; CVSS 7.8): Arbitrary code execution vulnerabilities in Microsoft Access. A remote attacker could exploit these flaws to execute arbitrary codes locally on the target machine. Exploiting the flaw merely required social engineering techniques, such as sending malicious emails, to trick the victim user into downloading or opening a maliciously crafted file. Microsoft confirmed public disclosure of these vulnerabilities before the fix, but the flaws escaped active exploitation.
- CVE-2025-21275 (important; CVSS 7.8): A publicly disclosed privilege escalation vulnerability in Windows App Package Installer allowing SYSTEM privileges to an adversary.
- CVE-2025-21308 (important; CVSS 6.5): A spoofing vulnerability in Windows Themes. While Microsoft urges users to update their systems as soon as possible for this flaw, they even recommended mitigation to prevent the threat – blocking NTLM hash via group policy. Besides, this vulnerability doesn’t affect systems with disabled NTLM.
Alongside these vulnerabilities, Microsoft also addressed 11 critical severity flaws and 140 important severity issues across different products. These include 47 remote code execution, 33 privilege escalation, 19 denial-of-service flaws, 21 information disclosure, 15 security feature bypass flaws, and 4 spoofing vulnerabilities.
While Microsoft ensured the automatic rollout of January 2025 Patch Tuesday updates to eligible devices, users should still check their systems manually for any updates to avoid potential threats.
Let us know your thoughts in the comments.
Nepal PM Oli hoping for invitation to visit India in first half of 2025: FM Arzu Rana
Delta Force’s free Black Hawk Down shooter campaign mode is out now
Explore the online world of Apple TV’s ‘Severance’
Trade mindless scrolling for meaningful growth with this useful app for life
International student enrolment down at Sask. universities
Pennsylvania driver Josh Keating survives near-fatal strike after flying ice shatters windshield: ‘Had angels with me’
To the Moon: Sigmund Minisodes 1 and 2 now available on consoles
Macs finally get a taste of an overhauled Mail app
The world’s smallest handmade sculpture is a blood cell-sized Lego brick
Live Updates: Hamas Is Set to Release 6 More Hostages
Singapore Airlines CEO set to join board of Air India, BA News, BA
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
Croatia to reintroduce compulsory military draft as regional tensions soar
Satisfy Your Meat and BBQ Cravings While in Texas
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
15 Best Magnetic Tile Race Tracks for Kids!
The Top 20 Motivational Instagram Accounts to Follow (2024)
15 of the Best Trike & Tricycles Mums Recommend
Have Unlimited Korean Food at MANY Unlimited Topokki!
Soccer team’s drone at center of Paris Olympics spying scandal
-
Destination5 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Tech News9 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Breaking News6 months agoCroatia to reintroduce compulsory military draft as regional tensions soar
-
Guides & Tips7 months ago
Satisfy Your Meat and BBQ Cravings While in Texas
-
Gaming6 months agoThe Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
-
Toys7 months ago15 Best Magnetic Tile Race Tracks for Kids!
-
Motivation9 months agoThe Top 20 Motivational Instagram Accounts to Follow (2024)
-
Toys8 months ago15 of the Best Trike & Tricycles Mums Recommend