Microsoft has rolled out its January 2025 Patch Tuesday updates, addressing critical security risks across its software ecosystem. The update resolves 159 vulnerabilities which includes 8 zero-day vulnerabilities, with three actively exploited in attacks. The patches aim to strengthen defenses against potential cyberattacks. Users are advised to update immediately.
On Patch Tuesday, 14 Jan 2025 Microsoft has released fixes for 159 flaws including 8 zero-days, 3 of which are actively exploited.
The major categories for these vulnerabilities are as follows:
- Elevation of Privilege – 40
- Security Feature Bypass – 14
- Denial of Service – 20
- Remote Code Execution (RCE)- 58
- Information Disclosure – 24
- Spoofing – 3
Of the vulnerabilities addressed this month, 36.5% were related to Remote Code Execution, while 25.15% were related to Elevation of Privilege.
Following are the 3 actively exploited vulnerabilities:
- CVE-2025-21333
- CVE-2025-21334
- CVE-2025-21335
The above mentioned CVEs are associated with Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerabilities.
Vulnerabilities patched related to Windows Remote Desktop Services (CVE-2025-21309, CVE-2025-21297), Windows NTLM (CVE-2025-21311) and Microsoft Excel (CVE-2025-21354, CVE-2025-21362) are some of the highlights of this Patch Tuesday.
Apart from Microsoft few other vendors have also provided fixes:
Adobe: Adobe released updates for applications including Adobe Photoshop, Adobe Illustrator and Adobe Animate.
Cisco: Cisco released updates for its products including Cisco ThousandEyes Endpoint Agent for MacOS and RoomOS
SAP: SAP released updates for multiple products including SAP NetWeaver ABAP Server and ABAP Platform.
Fortinet: Fortinet released updates for Authentication bypass vulnerability (CVE-2024-55591) in FortiOS and FortiProx.
SIEMENS: SIEMENS released updates for its products including SIPROTEC 5, SIMATIC and SCALANCE.
Here are 10 essential pieces of advice for users regarding Microsoft’s January 2024 Patch Tuesday updates:
- Update Immediately: Install the January 2025 Patch Tuesday updates as soon as possible. Microsoft has addressed four zero-day vulnerabilities that are actively exploited in the wild, so prompt action will minimize risk.
- Prioritize Critical Systems: If managing a large IT environment, prioritize updating critical systems such as Windows servers and workstations first, especially those exposed to external networks, to quickly bolster key defenses.
- Use Microsoft Update Tools: Ensure that automatic updates are enabled in Windows Update for personal devices, and consider using centralized tools like Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager for enterprise environments.
- Secure Edge and Office Applications: Make sure to update Microsoft Edge and Office applications, as some of the vulnerabilities affect these programs. Keeping them updated helps protect against potential threats targeting popular productivity tools.
- Patch All Network-Exposed Devices: Network-exposed devices are particularly vulnerable to attacks. Make sure to patch any device connected to the internet or other untrusted networks, including endpoints and remote machines.
- Disable Workarounds Where Applicable: If any previous workarounds or temporary mitigations were applied to address vulnerabilities, review and disable them after applying the patches to ensure software functionality returns to normal.
- Educate Users on Phishing and Social Engineering: The patch addresses vulnerabilities that could be exploited via malicious links or attachments. Reinforce user education on avoiding suspicious emails, links, and attachments.
- Monitor for Anomalous Activity: Since these vulnerabilities have been actively exploited, monitor logs and endpoint activity for unusual behavior that might indicate attempted exploitation or malware activity.
- Backup Critical Data: Ensure that recent backups of important data are available and secure. While this is a general best practice, it is especially critical during periods of heightened vulnerability due to zero-day risks.
- Review Microsoft’s Security Documentation: Microsoft often provides technical details on vulnerabilities and affected systems in their security bulletins. Review these documents to fully understand the patches’ scope and any additional steps required in your environment.
Conclusion:
Microsoft’s January 2025 Patch Tuesday underscores the critical importance of proactive security in today’s threat landscape. With 159 vulnerabilities addressed, including eight zero-day flaws and three actively exploited in attacks, this update is a timely reminder of the escalating risks in the digital world. By acting swiftly to apply these patches, organizations and individuals can fortify their systems against potential cyber threats. Delaying updates leaves networks exposed, making immediate action essential. Stay ahead of adversaries by prioritizing cybersecurity hygiene—your vigilance today is the key to a safer tomorrow.
