Microsoft's January 2025 Patch Tuesday update addresses 159 vulnerabilities, including three previously undisclosed actively exploited zero-day vulnerabilities. The update is applicable to Windows 11 OS Builds 22621.4751 and 22631.4751 and is part of Microsoft's ongoing effort to secure its flagship operating system against emerging threats.
New zero-day flaws
Microsoft has confirmed three vulnerabilities under active exploitation in the wild:
CVE-2025-21333 – A Windows Hyper-V NT Kernel Integration VSP vulnerability with a CVSS score of 7.8. This vulnerability allows attackers to execute code at the kernel level, potentially compromising the entire system.
CVE-2025-21334 – Another Windows Hyper-V NT Kernel Integration VSP vulnerability rated at 7.8. This flaw can be exploited in conjunction with CVE-2025-21333 to escalate privileges and gain unauthorized access to sensitive data.
CVE-2025-21335 – A third Windows Hyper-V NT Kernel Integration VSP vulnerability, also with a CVSS score of 7.8, which can allow attackers to exploit virtualization features and compromise virtualized environments.
These vulnerabilities specifically affect systems running Windows Hyper-V, making them a critical concern for organizations relying on virtualization technology in their IT infrastructure.
Other important fixes
Several vulnerabilities addressed in this update are flagged as “Exploitation More Likely”, indicating a higher risk of exploitation in the near future:
- CVE-2025-21298 – A critical Windows OLE vulnerability with a CVSS score of 9.8, allowing remote code execution without user interaction. Attackers could exploit this flaw to execute arbitrary code and compromise systems.
- CVE-2025-21314 – A Windows SmartScreen flaw with a CVSS score of 6.5. This vulnerability could be exploited to bypass security warnings and execute malicious programs.
- CVE-2025-21328 – A Windows MapUrlToZone vulnerability rated 4.3, where exploitation could allow attackers to manipulate URL security zones.
- CVE-2025-21354 – A critical Microsoft Office Excel flaw with a CVSS score of 7.8, which could be triggered by maliciously crafted Excel files, leading to remote code execution.
- CVE-2025-21364 – Another Microsoft Office Excel vulnerability, also rated 7.8, with similar potential for remote code execution via crafted files.
These vulnerabilities, particularly those involving Windows OLE and Microsoft Office, emphasize the importance of patching systems to mitigate risks associated with document and media file handling, both common in daily operations.
For the complete list of all 159 flaws Microsoft addressed in the first ‘Patch Tuesday' package of the year, check here.
Known issues in this update
Microsoft has acknowledged several known issues arising from this update, including OpenSSH service failures and a Citrix Session Recording Agent conflict.
After installing the update, some users reported that the OpenSSH service failed to start, preventing SSH connections. A workaround involves updating permissions for affected directories.
Devices with Citrix Session Recording Agent (SRA) version 2411 experienced installation failures for the January update. Citrix has provided a workaround, and a permanent resolution is under development.
If impacted, it is recommended that workarounds be implemented instead of delaying the application of the latest security update on Windows.
Apply the update now
With over 400 million devices running Windows 11, the importance of addressing vulnerabilities promptly cannot be overstated. Users and system administrators are advised to apply the KB5050021 update as soon as possible.
To perform the update, open Settings on the Windows device, head to ‘Update & Security > Windows Update,' and click on ‘Check for updates.' Windows will automatically download and install available security updates for your Windows 11 build. A system restart will be required after the installation of all packages to implement the updates.
U.S. SEC Fines Robinhood $45 Million for Cybersecurity Failures
Leave a Reply