Microsoft's latest batch of security patches includes an expanded blocklist for certain Windows kernel vulnerable drivers and fixes for several elevation of privilege vulnerabilities. The January 2025 Security Update addressed 159 vulnerabilities.
Security patches should be applied to keep software up to date. However, early versions of patches may be unreliable and should be approached cautiously and deployed in test environments first.
Microsoft updates the Vulnerable Driver Blocklist
The January 2025 security update for Windows 11, version 24H2 expands the list of vulnerable drivers that could be used in Bring Your Own Vulnerable Driver (BYOVD) attacks. Vulnerabilities in kernel drivers could allow threat actors to sneak malware into the kernel.
“The vulnerable driver blocklist is designed to help harden systems against non-Microsoft-developed drivers across the Windows ecosystem,” according to Microsoft’s recommended driver block rules.
Vulnerabilities in Windows Hyper-V NT Kernel Integration VSP patched
Microsoft released patches for three Windows Hyper-V NT Kernel Integration VSP elevation of privilege vulnerabilities that have already been exploited: CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. Successfully exploiting any of them could have granted an attacker SYSTEM privileges.
A few vulnerabilities score high on the CVSS severity scale
Other critical CVEs in this update include a remote code execution vulnerability in Object Linking and Embedding, a technology that enables linking in Microsoft Outlook. This vulnerability has a severity rating of 9.8 but has not been exploited in the wild.
Similarly, an elevation of privilege vulnerability in the NTLMv1 protocol has a rating of 9.8 but has not been publicly exploited. The third risk with a score of 9.8 patched in January is a remote code execution vulnerability in the Windows Reliable Multicast Transport Driver.
Citrix components may interfere with installing the January security update
Users with Citrix components on their computers might not be able to install the January 2025 Windows security update, Microsoft pointed out. Microsoft and Citrix are working on a fix, and Citrix has provided a workaround.
Downloads or automatic patches available for other vulnerabilities
Microsoft is aware of a few other issues with the latest Windows 11 build. OpenSSH (Open Secure Shell) may not open for users who have installed the October 2024 security update. Microsoft has released a fix. Meanwhile, Arm users can only access the video game Roblox directly (as opposed to through the Microsoft Store on Windows) for now.
On Jan. 7, Microsoft released an update to PowerPoint 2016. The company has fixed a problem in which OLE could automatically load and instantiate in PowerPoint. Users with Microsoft Update will receive the patch automatically, or it can be downloaded manually.
Microsoft highlighted one patch from outside its ecosystem in January: CVE-2024-50338, an information disclosure vulnerability in Git for Microsoft Visual Studio, has been patched. The vulnerability can expose secrets or privileged information belonging to Visual Studio users.