Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues.

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities in Windows and Windows Components, Office and Office Components, Hyper-V, SharePoint Server, .NET and Visual Studio, Azure, BitLocker, Remote Desktop Services, and Windows Virtual Trusted Platform Module.

11 of these vulnerabilities are rated Critical, and the others are rated Important in severity. ZDI researchers pointed out that this is the largest number of vulnerabilities addressed by Microsoft's monthly security updates since 2017.

Five vulnerabilities are publicly known, while three flaws in Windows Hyper-V NT Kernel Integration VSP (CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335, CVSS scores of 7.8) are actively exploited in the wild.

These three flaws are Elevation of Privilege issues in Hyper-V; authenticated users can exploit them to execute code with SYSTEM privileges.

Another interesting issue addressed with the release of Patch Tuesday security updates is a Windows OLE Remote Code Execution Vulnerability tracked as CVE-2025-21298 (CVSS score of 9.8).

A remote attacker can exploit the vulnerability to execute code on a target system by sending a specially crafted mail to an affected system with Outlook. The experts explained that the preview pane is not an attack vector, but previewing an attachment could trigger the code execution. The flaw is related to the parsing of RTF files.

A lack of validation of user-supplied data causes memory corruption. Experts recommend installing the patch immediately; however, mitigation includes reading mail in Outlook as plain text.

Microsoft also fixed a couple of Windows Remote Desktop Services Remote Code Execution issues tracked as CVE-2025-21297/CVE-2025-21309. Both vulnerabilities allow remote, unauthenticated attackers to execute arbitrary code by triggering a race condition. Exploitation requires no user interaction.

The full list of vulnerabilities addressed by Microsoft with Microsoft Patch Tuesday security updates for January 2025 is available here.

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday)