Microsoft’s latest batch of security patches includes an expanded blacklist for certain Windows Kernel Vulnerable Drivers and fixes for several elevation of privilege vulnerabilities. The January 2025 Security Update addressed 159 vulnerabilities.
Security patches should be applied to keep software up to date. However, early versions of patches may be unreliable, so they should be approached cautiously and deployed in test environments first.
Microsoft updates the Vulnerable Driver Blacklist
The January 2025 security update for Windows 11, version 24H2 expands the list of vulnerable drivers that could be used in Bring Your Own Vulnerable Driver (BYOVD) attacks. BYOVD vulnerabilities in kernel drivers could allow threat actors to sneak malware into the kernel.
“The vulnerable driver blocklist is designed to help harden systems against non-Microsoft-developed drivers across the Windows ecosystem,” according to Microsoft’s recommended driver block rules.
Vulnerabilities in Windows Hyper-V NT Kernel Integration VSP patched
Microsoft released patches for three Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerabilities that have already been exploited: CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. Successfully exploiting any of them could have granted an attacker SYSTEM privileges.
A few vulnerabilities score high on CVSS severity
Other important CVEs in this update include a remote code execution vulnerability in Object Linking and Embedding, a technology that enables linking in Microsoft Outlook. This vulnerability has a severity rating of 9.8 but has not been exploited in the wild.
Similarly, an elevation of privilege vulnerability in the NTLMv1 protocol has a rating of 9.8 but has not been publicly exploited. The third risk, with a score of 9.8, patched in January, is a remote code execution vulnerability in the Windows Reliable Multicast Transport Driver.
Citrix components might interfere with installing the January security update
Users with Citrix components on their computers might not be able to install the January 2025 Windows security update, Microsoft pointed out. Microsoft and Citrix are working on a fix, and Citrix has provided a workaround.
Downloads or automatic patches available for other vulnerabilities
Microsoft is aware of a few other issues with the latest Windows 11 build. OpenSSH (Open Secure Shell) might not open for users who’ve installed the October 2024 security update. Microsoft has released a fix. Meanwhile, Arm users can only access the video game Roblox directly, as opposed to through the Microsoft Store on Windows, for now.
On Jan. 7, Microsoft released an update to PowerPoint 2016. The team has fixed a problem in which OLE could automatically load and instantiate in PowerPoint. Users with Microsoft Update will receive the patch automatically, or it can be downloaded manually.
Microsoft highlighted one patch from outside its ecosystem in January: CVE-2024-50338, an information disclosure vulnerability in Git for Microsoft Visual Studio, has been patched. The vulnerability can expose secrets or privileged information belonging to Visual Studio users.