Microsoft Monthly Security Update (January 2025)
Release Date:
15 Jan 2025
1131
Views
RISK: High Risk
TYPE: Operating Systems - Windows OS
Microsoft has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes |
| Developer Tools |  Medium Risk | Information Disclosure Remote Code Execution Elevation of Privilege | |
| Windows |  High Risk | Remote Code Execution Information Disclosure Elevation of Privilege Denial of Service Security Restriction Bypass Spoofing | CVE-2025-21333, CVE-2025-21334 and CVE-2025-21335 are being exploited in the wild. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. |
| Extended Security Updates (ESU) | Medium Risk | Remote Code Execution Information Disclosure Elevation of Privilege Denial of Service Security Restriction Bypass Spoofing | |
| Microsoft Office | Medium Risk | Remote Code Execution Security Restriction Bypass Spoofing Elevation of Privilege Information Disclosure | |
| Azure | Medium Risk | Information Disclosure | |
| Microsoft Dynamics | Medium Risk | Remote Code Execution |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 1
Number of 'Medium Risk' product(s): 5
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': High Risk
Impact
- Elevation of Privilege
- Security Restriction Bypass
- Spoofing
- Information Disclosure
- Remote Code Execution
- Denial of Service
System / Technologies affected
- Developer Tools
- Windows
- Extended Security Updates (ESU)
- Microsoft Office
- Azure
- Microsoft Dynamics
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor.
Vulnerability Identifier
Source
Related Link
Related Tags
Share with