- Microsoft released January 2025 Patch Tuesday cumulative update
- It fixes more than 150 vulnerabilities, including three being actively abused in the wild
- Other details about the flaws are not being disclosed at this time
The first Microsoft Patch Tuesday of 2025 is upon us, and it’s a big one, as the update patches 161 vulnerabilities found in various products, including three zero-day bugs that have been actively abused in the wild.
The three vulnerabilities are tracked as CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. All three have a severity score of 7.8 (high), and all are found in Windows Hyper-V NT Kernel Integration VSP.
“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft said in the advisory for the flaws.
Added to CISA’s KEV
Other details are not known right now, as Microsoft gives users enough time to apply the patch without a swarm of hackers going after them. Therefore, we don’t know who the threat actors are, who the victims were, or how the attackers managed to compromise their targets’ IT infrastructure.
However, in its write-up, The Hacker News says the trio are privilege escalation bugs, and, citing Satnam Narang, senior staff research engineer at Tenable, are thus “very likely used as part of post-compromise activity, where an attacker has already gained access to a target system by some other means.”
Since the vulnerabilities are being actively exploited in the wild, users are advised to apply the patch immediately. CISA has already added all three to its Known Exploited Vulnerabilities (KEV) catalog, giving federal agencies a deadline of February 4, to apply the patch.
While these three flaws are arguably the most dangerous ones (since they’re being actively used), Microsoft also addressed 11 critical-severity bugs, as well. The remaining 149 are rated as important. Zero Day Initiative says this is the largest Patch Tuesday since 2017. Aside from Patch Tuesday, Microsoft also addressed Edge browser flaws in a separate patch, fixing seven vulnerabilities in the process.
Via The Hacker News
Leave a comment