On January 14, NSFOCUS CERT detected that Microsoft had released its January security update, which fixes 159 security issues in widely used products such as Windows, Microsoft Office, Microsoft Visual Studio, Azure, Microsoft Dynamics, and Microsoft Edge. These include high-risk vulnerabilities such as privilege escalation and remote code execution.
Among the vulnerabilities fixed in Microsoft’s update this month, 12 are critical in severity and 147 are important in severity. 3 vulnerabilities could be exploited in the wild:
Windows Hyper-V NT Kernel Integration VSP Privilege Escalation Vulnerability (CVE-2025-21333/CVE-2025-21334/CVE-2025-21335)
Please apply the patches as soon as possible for protection. For a complete list of vulnerabilities, see the appendix.
Reference link: https://msrc.microsoft.com/update-guide/en-us/releaseNote/2025-Jan
Windows Hyper-V NT Kernel Integration VSP Privilege Escalation Vulnerability (CVE-2025-21333/CVE-2025-21334/CVE-2025-21335):
A privilege escalation vulnerability exists in Windows Hyper-V NT Kernel Integration VSP. An authenticated local attacker can trigger a heap buffer overflow caused by boundary errors in the component and thereby gain SYSTEM privileges on the system. The vulnerability has been exploited and has a CVSS score of 7.8.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21333
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21334
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21335
Windows OLE Remote Code Execution Vulnerability (CVE-2025-21298):
Windows OLE has a remote code execution vulnerability: an unauthenticated attacker can send specially crafted emails to the affected system via Outlook and execute code remotely without user interaction. The CVSS score is 9.8.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21298
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability (CVE-2025-21307):
The Windows Reliable Multicast Transport Driver (RMCAST) has a remote code execution vulnerability. An unauthenticated attacker can exploit it by sending specially crafted packets to the server through a Windows Pragmatic General Multicast (PGM) open socket, thereby executing code remotely on the target system. The CVSS score is 9.8.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21307
Windows NTLM V1 privilege escalation vulnerability (CVE-2025-21311):
There is a privilege escalation vulnerability in Windows NTLM V1. Because the authentication algorithm in Windows NTLM V1 is implemented incorrectly, an unauthenticated attacker can exploit it over the network with low attack complexity and elevate privileges on the target system. The CVSS score is 9.8.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21311
Microsoft Excel Remote Code Execution Vulnerability (CVE-2025-21354/CVE-2025-21362):
Microsoft Excel has a remote code execution vulnerability. Due to an illegal pointer dereference and a use-after-free in Excel, an attacker can use social engineering to induce the victim to download and open an Excel file and thereby execute arbitrary code. The CVSS score is 7.8.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21354
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21362
Windows Remote Desktop Service remote code execution vulnerability (CVE-2025-21297):
The Windows Remote Desktop Service has a remote code execution vulnerability. Because sensitive data in the Windows Remote Desktop Service is stored in improperly locked memory, an unauthenticated attacker can connect to a system with the Remote Desktop Gateway role and send specially crafted requests to win a race condition, thus executing arbitrary code on the target system. The CVSS score is 8.1.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21297
BranchCache Remote Code Execution Vulnerability (CVE-2025-21296):
BranchCache has a remote code execution vulnerability. Due to a use-after-free error in BranchCache, an unauthenticated attacker on the local network can send specially crafted requests to win a race condition and execute arbitrary code on the target system. The CVSS score is 7.5.
Official Announcement Link:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21296
The following are the affected product versions for the key vulnerabilities above. For other products affected by these vulnerabilities, please refer to the official announcement links:
Vulnerability No. | Affected product versions |
CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | Windows Server 2025; Windows 11 Version 24H2 for x64-based Systems; Windows 11 Version 24H2 for ARM64-based Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows Server 2025 (Server Core installation); Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems |
CVE-2025-21298, CVE-2025-21307 | Windows Server 2012 R2 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 (Server Core installation); Windows Server 2012; Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation); Windows Server 2008 R2 for x64-based Systems Service Pack 1; Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation); Windows Server 2008 for x64-based Systems Service Pack 2; Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation); Windows Server 2008 for 32-bit Systems Service Pack 2; Windows Server 2016 (Server Core installation); Windows Server 2016; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 for 32-bit Systems; Windows Server 2025; Windows 11 Version 24H2 for x64-based Systems; Windows 11 Version 24H2 for ARM64-based Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows Server 2025 (Server Core installation); Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems |
CVE-2025-21311 | Windows Server 2025; Windows 11 Version 24H2 for x64-based Systems; Windows 11 Version 24H2 for ARM64-based Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows Server 2025 (Server Core installation) |
CVE-2025-21354 | Microsoft Office LTSC for Mac 2024; Microsoft Office LTSC 2024 for 64-bit editions; Microsoft Office LTSC 2024 for 32-bit editions; Microsoft Office LTSC 2021 for 32-bit editions; Microsoft Office LTSC 2021 for 64-bit editions; Microsoft Office LTSC for Mac 2021; Microsoft 365 Apps for Enterprise for 64-bit Systems; Microsoft 365 Apps for Enterprise for 32-bit Systems; Microsoft Office 2019 for 64-bit editions; Microsoft Office 2019 for 32-bit editions; Office Online Server |
CVE-2025-21362 | Microsoft Excel 2016 (64-bit edition); Microsoft Excel 2016 (32-bit edition); Microsoft Office LTSC for Mac 2024; Microsoft Office LTSC 2024 for 64-bit editions; Microsoft Office LTSC 2024 for 32-bit editions; Microsoft Office LTSC 2021 for 32-bit editions; Microsoft Office LTSC 2021 for 64-bit editions; Microsoft Office LTSC for Mac 2021; Microsoft 365 Apps for Enterprise for 64-bit Systems; Microsoft 365 Apps for Enterprise for 32-bit Systems; Microsoft Office 2019 for 64-bit editions; Microsoft Office 2019 for 32-bit editions; Office Online Server |
CVE-2025-21297 | Windows Server 2012 R2 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 (Server Core installation); Windows Server 2012; Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation); Windows Server 2008 R2 for x64-based Systems Service Pack 1; Windows Server 2016 (Server Core installation); Windows Server 2016; Windows Server 2025; Windows Server 2022, 23H2 Edition (Server Core installation); Windows Server 2025 (Server Core installation); Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019 |
CVE-2025-21296 | Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems; Windows Server 2012 R2 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 (Server Core installation); Windows Server 2012; Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation); Windows Server 2008 R2 for x64-based Systems Service Pack 1; Windows Server 2016 (Server Core installation); Windows Server 2016; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 for 32-bit Systems; Windows Server 2025; Windows 11 Version 24H2 for x64-based Systems; Windows 11 Version 24H2 for ARM64-based Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows Server 2025 (Server Core installation); Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems |
At present, Microsoft has officially released security patches to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install patches as soon as possible for protection.
Download link of the official website: https://msrc.microsoft.com/update-guide/en-us/releaseNote/2025-Jan
Note: Patch installation through Windows Update may fail because of network problems, the computer's environment, or other reasons. After installing the patch, users should promptly check whether it was installed successfully.
For updates that have not been successfully installed, you can click the name of the update to visit Microsoft’s official download page. It is recommended that users click on the link on this page to go to the “Microsoft Update Catalog” website to download and install the standalone package.
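The post-install check described in the note above, as an added PowerShell example (not part of the NSFOCUS advisory or of Microsoft's tooling): it reads the local Windows Update history for install attempts since the release date, flags any that did not succeed, and confirms that expected KBs are present. The KB number in `$expectedKbs` is a placeholder, since the advisory lists no KB IDs.

```powershell
# Added example: verify that this month's updates actually installed.
# $expectedKbs is a placeholder list; the advisory gives no KB numbers, so fill in
# the KB IDs that Microsoft's release note lists for your OS build.
$since       = [datetime]'2025-01-14'      # release date stated in the advisory
$expectedKbs = @('KB0000000')              # placeholder, not a real KB

# OperationResultCode values from the Windows Update Agent (WUA) API.
$resultNames = @{
    0 = 'NotStarted'; 1 = 'InProgress'; 2 = 'Succeeded'
    3 = 'SucceededWithErrors'; 4 = 'Failed'; 5 = 'Aborted'
}

# Read the local Windows Update history through the WUA COM interface.
$searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
$total    = $searcher.GetTotalHistoryCount()
$entries  = @()
if ($total -gt 0) {
    # Operation 1 = installation (2 = uninstallation); Date is reported in UTC.
    $entries = @($searcher.QueryHistory(0, $total) |
        Where-Object { $_.Operation -eq 1 -and $_.Date -ge $since } |
        ForEach-Object {
            [pscustomobject]@{
                Date    = $_.Date
                Result  = $resultNames[[int]$_.ResultCode]
                HResult = '0x{0:X8}' -f $_.HResult
                Title   = $_.Title
            }
        } | Sort-Object Date)
}

# Install attempts that did not end in a clean success need a retry or a manual
# install of the standalone package from the Microsoft Update Catalog.
$notClean = @($entries | Where-Object { $_.Result -ne 'Succeeded' })

# Cross-check the expected KBs against both Get-HotFix and the history, since
# either source can be incomplete on its own.
$installedIds = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)
$missing = @($expectedKbs | Where-Object {
    $kb = $_
    ($installedIds -notcontains $kb) -and
    -not ($entries | Where-Object {
        $_.Result -eq 'Succeeded' -and $_.Title -match [regex]::Escape($kb)
    })
})

$entries | Format-Table -AutoSize -Wrap
if ($notClean.Count) {
    Write-Warning "$($notClean.Count) install attempt(s) did not succeed cleanly."
}
if ($missing.Count) {
    Write-Warning "Expected but not found: $($missing -join ', ')"
}
```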
Affected products | CVE No. | Vulnerability | Severity |
Windows | CVE-2025-21294 | Microsoft Digest Authentication Remote Code Execution Vulnerability | Critical |
Windows | CVE-2025-21295 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Vulnerability | Critical |
Windows | CVE-2025-21296 | BranchCache remote code execution vulnerability | Critical |
Windows | CVE-2025-21297 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
Windows | CVE-2025-21298 | Windows OLE remote code execution vulnerability | Critical |
Windows | CVE-2025-21309 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
Windows | CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) remote code execution vulnerability | Critical |
Azure | CVE-2025-21380 | Azure Marketplace SaaS Resources Information Disclosure Vulnerability | Critical |
Microsoft Office | CVE-2025-21385 | Microsoft Purview Disclosure Vulnerability | Critical |
Windows | CVE-2025-21311 | Windows NTLM V1 privilege escalation vulnerability | Critical |
Microsoft Office | CVE-2025-21362 | Microsoft Excel remote code execution vulnerability | Critical |
Microsoft Office | CVE-2025-21354 | Microsoft Excel remote code execution vulnerability | Critical |
Windows | CVE-2025-21411 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21413 | Remote code execution vulnerability of Windows Telephony Service | Important |
Microsoft Visual Studio, .NET 9.0 installed on Mac OS, .NET 9.0 installed on Linux, .NET 9.0 installed on Windows | CVE-2025-21171 | .NET remote code execution vulnerability | Important |
Windows | CVE-2025-21210 | Windows BitLocker Disclosure Vulnerability | Important |
Windows | CVE-2025-21214 | Windows BitLocker Disclosure Vulnerability | Important |
Windows | CVE-2025-21215 | Secure Boot security function bypasses vulnerabilities | Important |
Windows | CVE-2025-21233 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21234 | Windows PrintWorkflowUserSvc privilege escalation vulnerability | Important |
Windows | CVE-2025-21235 | Windows PrintWorkflowUserSvc privilege escalation vulnerability | Important |
Windows | CVE-2025-21236 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21237 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21239 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21241 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21242 | Windows Kerberos Disclosure Vulnerability | Important |
Windows | CVE-2025-21243 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21244 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21248 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21249 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21251 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21252 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21255 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21257 | Information disclosure vulnerability of Windows WLAN AutoConfig Service | Important |
Windows | CVE-2025-21258 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21260 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21263 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21265 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21266 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21268 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21269 | Windows HTML Platforms Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21270 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21271 | Windows Cloud Files Mini Filter Driver Escalation Vulnerability | Important |
Windows | CVE-2025-21272 | Windows COM Server Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21277 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21280 | Windows Virtual Trusted Platform Module Denial of Service | Important |
Windows | CVE-2025-21281 | Microsoft COM for Windows privilege escalation vulnerability | Important |
Windows | CVE-2025-21282 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21284 | Windows Virtual Trusted Platform Module Denial of Service | Important |
Windows | CVE-2025-21285 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21288 | Windows COM Server Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21289 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21290 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21291 | Windows Direct Show Remote Code Execution Vulnerability | Important |
Windows | CVE-2025-21293 | Active Directory Domain Services Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21299 | Windows Kerberos Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21301 | Windows Geolocation Service Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21302 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21303 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21304 | Microsoft DWM Core Library Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21306 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21314 | Windows SmartScreen Spoofing Vulnerability | Important |
Windows | CVE-2025-21315 | Microsoft Brokering File System Escalation Vulnerability | Important |
Windows | CVE-2025-21316 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21318 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21319 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21320 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21321 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21327 | Windows Digital Media Permission Escalation Vulnerability | Important |
.NET 8.0 installed on Linux, .NET 9.0 installed on Mac OS, Microsoft Visual Studio, Microsoft .NET Framework, .NET 9.0 installed on Linux, .NET 9.0 installed on Windows, .NET 8.0 installed on Mac OS, .NET 8.0 installed on Windows | CVE-2025-21176 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerabilities | Important |
Microsoft Visual Studio | CVE-2025-21178 | Visual Studio Remote Code Execution Vulnerability | Important |
Microsoft Visual Studio, .NET 8.0 installed on Linux, .NET 9.0 installed on Linux | CVE-2025-21173 | .NET privilege escalation vulnerability | Important |
Windows | CVE-2025-21341 | Windows Digital Media Permission Escalation Vulnerability | Important |
Microsoft Office | CVE-2025-21344 | Microsoft SharePoint Server remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21345 | Microsoft Office Visio remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21346 | Microsoft Office Security Features Bypass Vulnerabilities | Important |
Microsoft Office | CVE-2025-21348 | Microsoft SharePoint Server remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21356 | Microsoft Office Visio remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21357 | Microsoft Outlook remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21363 | Microsoft Word remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21364 | Microsoft Excel security features bypass vulnerabilities | Important |
Microsoft Office | CVE-2025-21365 | Microsoft Office remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21366 | Microsoft Access remote code execution vulnerability | Important |
Windows | CVE-2025-21382 | Windows Graphics Component Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21219 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21389 | Windows upnphost.dll denial of service vulnerability | Important |
Microsoft Office | CVE-2025-21393 | Microsoft SharePoint Server Spoofing | Important |
Microsoft Office | CVE-2025-21395 | Microsoft Access remote code execution vulnerability | Important |
Azure | CVE-2025-21403 | On-Premises Data Gateway Disclosure Vulnerability | Important |
Windows | CVE-2025-21217 | Windows NTLM spoofing vulnerability | Important |
Microsoft Visual Studio | CVE-2025-21405 | Visual Studio permission escalation vulnerability | Important |
Windows | CVE-2025-21278 | Windows Remote Desktop Gateway (RD Gateway) denial-of-service vulnerability | Important |
Windows | CVE-2025-21329 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21328 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21330 | Windows Remote Desktop Services Vulnerability | Important |
Windows | CVE-2025-21220 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21335 | Windows Hyper-V NT Kernel Integration VSP Privilege Escalation | Important |
Windows | CVE-2025-21193 | Active Directory Federation Server Spoofing Vulnerability | Important |
Windows | CVE-2025-21207 | Windows Connected Devices Platform Service (Cdpsvc) Vulnerability | Important |
Windows | CVE-2025-21202 | Windows Recovery Environment Agent Privilege Escalation Vulnerability | Important |
Microsoft Dynamics | CVE-2025-21187 | Microsoft Power Automate remote code execution vulnerability | Important |
Microsoft Office | CVE-2025-21186 | Microsoft Access remote code execution vulnerability | Important |
Windows | CVE-2025-21211 | Secure Boot security function bypasses vulnerabilities | Important |
Windows | CVE-2025-21213 | Secure Boot security function bypasses vulnerabilities | Important |
Windows | CVE-2025-21224 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Important |
Windows | CVE-2025-21225 | Windows Remote Desktop Gateway (RD Gateway) denial-of-service vulnerability | Important |
Windows | CVE-2025-21226 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21227 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21228 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21229 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21230 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21231 | IP Helper Denial of Service Vulnerability | Important |
Windows | CVE-2025-21232 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21256 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21261 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21189 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21273 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21274 | Windows Event Tracing Denial of Service Vulnerability | Important |
Windows | CVE-2025-21275 | Windows App Package Installer Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21276 | Windows MapUrlToZone Denial of Service Vulnerability | Important |
Windows | CVE-2025-21286 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21287 | Windows Installer privilege escalation vulnerability | Important |
Windows | CVE-2025-21292 | Windows Search Service Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21300 | Windows upnphost.dll denial of service vulnerability | Important |
Windows | CVE-2025-21305 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21308 | Windows Themes Spoofing Vulnerability | Important |
Windows | CVE-2025-21310 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21312 | Windows Smart Card Reader Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21317 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21323 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
.NET 8.0 installed on Linux, .NET 9.0 installed on Mac OS, Microsoft Visual Studio, .NET 9.0 installed on Linux, .NET 9.0 installed on Windows, .NET 8.0 installed on Mac OS, .NET 8.0 installed on Windows | CVE-2025-21172 | .NET and Visual Studio remote code execution vulnerabilities | Important |
Windows | CVE-2025-21324 | Windows Digital Media Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21331 | Windows Installer privilege escalation vulnerability | Important |
Windows | CVE-2025-21336 | Windows Cryptographic Disclosure Vulnerability | Important |
Windows, Microsoft Office | CVE-2025-21338 | GDI+ remote code execution vulnerability | Important |
Windows | CVE-2025-21339 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21340 | Windows Virtualization-Based Security (VBS) Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21343 | Windows Web Threat Defense User Service Information Disclosure Vulnerability | Important |
Microsoft Office | CVE-2025-21360 | Microsoft AutoUpdate (MAU) privilege escalation vulnerability | Important |
Microsoft Office | CVE-2025-21361 | Microsoft Outlook remote code execution vulnerability | Important |
Windows | CVE-2025-21370 | Windows Virtualization-Based Security (VBS) Enclave Permission Escalation Vulnerability | Important |
Windows | CVE-2025-21372 | Microsoft Brokering File System Escalation Vulnerability | Important |
Windows | CVE-2025-21374 | Windows CSC Service Information Disclosure Vulnerability | Important |
Windows | CVE-2025-21378 | Windows CSC Service privilege escalation vulnerability | Important |
Microsoft Office | CVE-2025-21402 | Microsoft Office OneNote remote code execution vulnerability | Important |
Windows | CVE-2025-21218 | Windows Kerberos Denial of Service | Important |
Windows | CVE-2025-21313 | Windows Security Account Manager (SAM) Denial of Service Vulnerability | Important |
Windows | CVE-2025-21332 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
Windows | CVE-2025-21326 | Internet Explorer remote code execution vulnerability | Important |
Windows | CVE-2025-21333 | Windows Hyper-V NT Kernel Integration VSP Privilege Escalation | Important |
Windows | CVE-2025-21334 | Windows Hyper-V NT Kernel Integration VSP Privilege Escalation | Important |
Windows | CVE-2025-21246 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21417 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21250 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21240 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21238 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21223 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21409 | Remote code execution vulnerability of Windows Telephony Service | Important |
Windows | CVE-2025-21245 | Remote code execution vulnerability of Windows Telephony Service | Important |
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.
The post Microsoft’s January Security Update of High-Risk Vulnerabilities in Multiple Products appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
*** This is a Security Bloggers Network syndicated blog from NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. authored by NSFOCUS. Read the original post at: https://nsfocusglobal.com/microsofts-january-security-update-of-high-risk-vulnerabilities-in-multiple-products/