Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws - BleepingComputer
Microsoft January 2025 Patch Tuesday: Vulnerabilities, Fixes, and Updates
Microsoft's January 2025 Patch Tuesday has addressed a significant number of vulnerabilities and introduced several important updates for Windows operating systems. Here are the key details:
Vulnerabilities Addressed
- Total Vulnerabilities: Microsoft fixed 159 vulnerabilities, including 10 classified as critical Remote Code Execution (RCE) vulnerabilities2.
- Critical Vulnerabilities:
- CVE-2025-21362 & CVE-2025-21354: These involve vulnerabilities in Microsoft Excel that allow remote code execution if a user opens a specially crafted file2.
- CVE-2025-21311: A critical vulnerability in Windows NTLM V1 that could allow privilege escalation2.
- CVE-2025-21309 & CVE-2025-21297: Vulnerabilities in Windows Remote Desktop Services enabling remote code execution through maliciously crafted connections or files2.
- CVE-2025-21307: Affects the Reliable Multicast Transport Driver (RMCAST), allowing remote attackers to execute arbitrary code2.
- CVE-2025-21298 & CVE-2025-21296: Vulnerabilities in Windows OLE and BranchCache, respectively, which could permit remote code execution via crafted inputs2.
- CVE-2025-21295 & CVE-2025-21294: Critical remote code execution vulnerabilities affecting authentication mechanisms (SPNEGO and Digest Authentication)2.
Security Updates and Fixes
- BYOVD Attack Fix: The update includes a fix for the "Bring Your Own Vulnerable Driver" (BYOVD) attack issue by adding to the list of drivers at risk in the Windows Kernel Vulnerable Driver Blocklist file (DriverSiPolicy.p7b)34.
- OpenSSH and Citrix Issues: The update has caused issues with the OpenSSH service, which may fail to start, and problems with Citrix components, preventing some users from downloading the update3.
- Roblox Compatibility: Users on Arm devices running Windows 11 24H2 may experience issues with Roblox, requiring them to use the launcher from the official Roblox website until the issue is resolved3.
Cumulative Updates
- KB5050009 and KB5050021: These are mandatory cumulative updates for Windows 11 versions 24H2 and 23H2, respectively. They include the January 2025 Patch Tuesday security updates and change the build numbers to 26100.2605 and 22631.4602, respectively4.
Additional Features and Improvements
- Touchscreen Edge Gestures: A new section in Settings allows users to configure touchscreen edge gestures4.
- Input Method Editor (IME): The IME toolbar will now hide when apps are in full screen mode, specifically when typing Chinese or Japanese characters4.
- File Explorer: Users can now share content to an Android device from the context menu in File Explorer and on the desktop, provided they have Phone Link installed and configured4.
Installation and Availability
- Users can install the updates by going to Start > Settings > Windows Update and clicking on 'Check for Updates'. The updates are also available for manual download from the Microsoft Update Catalog4.
In summary, the January 2025 Patch Tuesday updates are crucial for securing Windows operating systems against a wide range of vulnerabilities, including critical RCE vulnerabilities. While these updates introduce some new features and improvements, they also address significant security issues and resolve potential compatibility problems. However, users should be aware of the potential issues with OpenSSH, Citrix, and Roblox on certain devices.
