Saturday, February 15, 2025

Microsoft’s January 2025 Security Update Patches Exploited Elevation of Privilege Attacks


Microsoft’s latest batch of security patches includes an expanded blacklist for certain Windows Kernel Vulnerable Drivers and fixes for several elevation of privilege vulnerabilities. The January 2025 Security Update addressed 159 vulnerabilities.

Security patches should be applied to keep software up to date. However, early versions of patches may be unreliable and should be approached cautiously and deployed in test environments first.

Microsoft updates the Vulnerable Driver Blacklist

The January 2025 security update for Windows 11, version 24H2 expands the list of vulnerable drivers that could be used in Bring Your Own Vulnerable Driver (BYOVD) attacks. BYOVD vulnerabilities in kernel drivers could allow threat actors to sneak malware into the kernel.

“The vulnerable driver blocklist is designed to help harden systems against non-Microsoft-developed drivers across the Windows ecosystem,” according to Microsoft’s recommended driver block rules.

Vulnerability in Windows Hyper-V NT Kernel Integration VSP issue patched

Microsoft released patches for three Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerabilities that have already been exploited: CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. Successfully exploiting any of them could have granted an attacker SYSTEM privileges.


A few vulnerabilities score high on the CVSS severity score

Other significant CVEs in this update include a remote code execution vulnerability in Object Linking and Embedding, a technology that enables linking in Microsoft Outlook. This vulnerability has a severity rating of 9.8 but has not been exploited in the wild.

Similarly, an elevation of privilege vulnerability in the NTLMv1 protocol has a rating of 9.8 but has not been publicly exploited. The third risk, with a score of 9.8, patched in January, is a remote code execution vulnerability in the Windows Reliable Multicast Transport Driver.

Citrix components may interfere with installing the January security update

Users with Citrix components on their computers might not be able to install the January 2025 Windows security update, Microsoft pointed out. Microsoft and Citrix are working on a fix, and Citrix has provided a workaround.

Downloads or automatic patches available for other vulnerabilities

Microsoft is aware of a few other issues with the latest Windows 11 build. OpenSSH (Open Secure Shell) may not open for users who have installed the October 2024 security update. Microsoft has released a fix. Meanwhile, Arm users can only access the online game Roblox directly, as opposed to through the Microsoft Store on Windows, for now.

On Jan. 7, Microsoft released an update to PowerPoint 2016. The team has fixed a problem in which OLE could automatically load and instantiate in PowerPoint. Users with Microsoft Update will receive the patch automatically, or it can be downloaded manually.

Microsoft highlighted one patch from outside its ecosystem in January: CVE-2024-50338, an information disclosure vulnerability in Git for Microsoft Visual Studio, has been patched. The vulnerability can expose secrets or privileged information belonging to Visual Studio users.
