
Welcome to my January Patch Tuesday newsletter. We are starting the year off by catching up after a slow December. Today Microsoft released updates for 159 vulnerabilities, plus an additional 10 in the past 30 days, for a total of 169 patches within the past month. There are a total of 8 zero days: 5 that are public and 3 that are exploited, but at this point none that are both. In addition to these, there are another 14 critical updates from this month. 8 of these affect the Windows OS, 3 affect Azure Marketplace SaaS, Defender for Endpoint for Windows and the MS Update Catalog, and the final 3 affect various MS Office products. Be sure to check the chart below for more information.

Many of you are familiar with my Security Log Encyclopedia. This past week I published what I am calling the "Windows Event Collection Encyclopedia" over at LOGbinder.com. It outlines WEC and all its moving parts, as well as using WEC with non-AD / Entra-joined machines. Whether you know little about Windows event collection or are an expert, I am sure that you will benefit from it.

Happy patching!
Follow randyfsmith on Twitter

Subscribe to Randy Franklin Smith on Facebook

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by: LOGbinder.com

Columns: Technology | Products Affected | Severity | Reference | Workaround / Exploited / Publicly Disclosed | Vulnerability Info

Technology: Windows
Products Affected: Windows 10, 11; Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations
Severity: Critical
Reference:

CVE-2024-7344
CVE-2025-21189
CVE-2025-21193
CVE-2025-21202
CVE-2025-21207
CVE-2025-21210
CVE-2025-21211
CVE-2025-21213
CVE-2025-21214
CVE-2025-21215
CVE-2025-21217
CVE-2025-21218
CVE-2025-21219
CVE-2025-21220
CVE-2025-21223
CVE-2025-21224
CVE-2025-21225
CVE-2025-21226
CVE-2025-21227
CVE-2025-21228
CVE-2025-21229
CVE-2025-21230
CVE-2025-21231
CVE-2025-21232
CVE-2025-21233
CVE-2025-21234
CVE-2025-21235
CVE-2025-21236
CVE-2025-21237
CVE-2025-21238
CVE-2025-21239
CVE-2025-21240
CVE-2025-21241
CVE-2025-21242
CVE-2025-21243
CVE-2025-21244
CVE-2025-21245
CVE-2025-21246
CVE-2025-21248
CVE-2025-21249
CVE-2025-21250
CVE-2025-21251
CVE-2025-21252
CVE-2025-21255
CVE-2025-21256
CVE-2025-21257
CVE-2025-21258
CVE-2025-21260
CVE-2025-21261
CVE-2025-21263
CVE-2025-21265
CVE-2025-21266
CVE-2025-21268
CVE-2025-21269
CVE-2025-21270
CVE-2025-21271
CVE-2025-21272
CVE-2025-21273
CVE-2025-21274
CVE-2025-21275**
CVE-2025-21276
CVE-2025-21277
CVE-2025-21278
CVE-2025-21280
CVE-2025-21281
CVE-2025-21282
CVE-2025-21284
CVE-2025-21285
CVE-2025-21286
CVE-2025-21287
CVE-2025-21288
CVE-2025-21289
CVE-2025-21290
CVE-2025-21291
CVE-2025-21292
CVE-2025-21293
CVE-2025-21294
CVE-2025-21295
CVE-2025-21296
CVE-2025-21297
CVE-2025-21298
CVE-2025-21299
CVE-2025-21300
CVE-2025-21301
CVE-2025-21302
CVE-2025-21303
CVE-2025-21304
CVE-2025-21305
CVE-2025-21306
CVE-2025-21307
CVE-2025-21308**
CVE-2025-21309
CVE-2025-21310
CVE-2025-21311
CVE-2025-21312
CVE-2025-21313
CVE-2025-21314
CVE-2025-21315
CVE-2025-21316
CVE-2025-21317
CVE-2025-21318
CVE-2025-21319
CVE-2025-21320
CVE-2025-21321
CVE-2025-21323
CVE-2025-21324
CVE-2025-21326
CVE-2025-21327
CVE-2025-21328
CVE-2025-21329
CVE-2025-21330
CVE-2025-21331
CVE-2025-21332
CVE-2025-21333*
CVE-2025-21334*
CVE-2025-21335*
CVE-2025-21336
CVE-2025-21338
CVE-2025-21339
CVE-2025-21340
CVE-2025-21341
CVE-2025-21343
CVE-2025-21370
CVE-2025-21372
CVE-2025-21374
CVE-2025-21378
CVE-2025-21382
CVE-2025-21389
CVE-2025-21409
CVE-2025-21411
CVE-2025-21413
CVE-2025-21417

Workaround: No
Exploited: Yes*
Public: Yes**
Vulnerability Info: Denial of Service; Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass; Spoofing

Technology: Edge
Products Affected: Chromium-based
Severity: High (Google rating)
Reference: CVE-2024-12381, CVE-2024-12382, CVE-2024-12692, CVE-2024-12693, CVE-2024-12694, CVE-2024-12695
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Type Confusion; Use After Free; Out of Bounds

Technology: Office
Products Affected: 365 Apps for Enterprise; Access/Excel/Outlook 2016; Office 2016, 2019; LTSC 2021, 2024 including for Mac; AutoUpdate/OneNote/Outlook for Mac; Office for Android, iOS, Mac and Universal; Online Server; Purview
Severity: Critical
Reference: CVE-2025-21186**, CVE-2025-21338, CVE-2025-21345, CVE-2025-21346, CVE-2025-21354, CVE-2025-21356, CVE-2025-21357, CVE-2025-21360, CVE-2025-21361, CVE-2025-21362, CVE-2025-21363, CVE-2025-21364, CVE-2025-21365, CVE-2025-21366**, CVE-2025-21385, CVE-2025-21395**, CVE-2025-21402
Workaround: No
Exploited: No
Public: Yes**
Vulnerability Info: Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass

Technology: SharePoint
Products Affected: Enterprise Server 2016; Server 2019; Server Subscription Edition
Severity: Important
Reference: CVE-2025-21344, CVE-2025-21348, CVE-2025-21393
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Remote Code Execution; Spoofing

Technology: Azure
Products Affected: Marketplace SaaS; On-Premises Data Gateway
Severity: Critical
Reference: CVE-2025-21380, CVE-2025-21403
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Information Disclosure

Technology: .NET
Products Affected: 8.0/9.0 on Linux, macOS, Windows; 3.5, 4.6, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
Severity: Important
Reference: CVE-2025-21171, CVE-2025-21172, CVE-2025-21173, CVE-2025-21176
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Remote Code Execution

Technology: Visual Studio
Products Affected: 15.0 - 15.9, 16.11, 17.10, 17.12, 17.6, 17.8
Severity: Important
Reference: CVE-2024-50338, CVE-2025-21171, CVE-2025-21172, CVE-2025-21173, CVE-2025-21176, CVE-2025-21178, CVE-2025-21405
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Information Disclosure; Remote Code Execution

Technology: System Center
Products Affected: Defender for Endpoint for Windows
Severity: Critical
Reference: CVE-2024-49071
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Information Disclosure

Technology: Dynamics
Products Affected: Power Automate for Desktop
Severity: Important
Reference: CVE-2025-21187
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Remote Code Execution

Technology: Apps
Products Affected: Microsoft Update Catalog
Severity: Critical
Reference: CVE-2024-49147
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege

Thanks as always for reading and best wishes on security,

Randy Franklin Smith


Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, All rights reserved. You may forward this email in its entirety but all other rights reserved.

9450 SW Gemini Drive #53822, Beaverton, OR 97008

Note: We do our best to provide quality information and expert commentary but use all information at your own risk.