Microsoft Monthly Security Update – 15 January 2025

In Cyber Security by Matsco Engineering Team

 

Microsoft have released a security advisory on the 15th of January 2025 in line with their regular monthly patch schedule which includes a number of updates to address one (1) high risk and five (5) medium risk vulnerabilities.

These updates address vulnerabilities which may impact services through Denial of Service, Elevation of Privilege, Remote Code Execution, Security Restriction Bypass, Information Disclosure and Spoofing. 

For more information please see: Microsoft Security Update

This release consists of security updates for the following products, features and roles:

  • .NET
  • .NET and Visual Studio
  • .NET, .NET Framework, Visual Studio
  • Active Directory Domain Services
  • Active Directory Federation Services
  • Azure Marketplace SaaS Resources
  • BranchCache
  • Internet Explorer
  • IP Helper
  • Line Printer Daemon Service (LPD)
  • Microsoft AutoUpdate (MAU)
  • Microsoft Azure Gateway Manager
  • Microsoft Brokering File System
  • Microsoft Digest Authentication
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office Access
  • Microsoft Office Excel
  • Microsoft Office OneNote
  • Microsoft Office Outlook
  • Microsoft Office Outlook for Mac
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft Office Word
  • Microsoft Purview
  • Microsoft Windows Search Component
  • Power Automate
  • Reliable Multicast Transport Driver (RMCAST)
  • Visual Studio
  • Windows BitLocker
  • Windows Boot Loader
  • Windows Boot Manager
  • Windows Client-Side Caching (CSC) Service
  • Windows Cloud Files Mini Filter Driver
  • Windows COM
  • Windows Connected Devices Platform Service
  • Windows Cryptographic Services
  • Windows Digital Media
  • Windows Direct Show
  • Windows DWM Core Library
  • Windows Event Tracing
  • Windows Geolocation Service
  • Windows Hello
  • Windows Hyper-V NT Kernel Integration VSP
  • Windows Installer
  • Windows Kerberos
  • Windows Kernel Memory
  • Windows MapUrlToZone
  • Windows Mark of the Web (MOTW)
  • Windows Message Queuing
  • Windows NTLM
  • Windows OLE
  • Windows PrintWorkflowUserSvc
  • Windows Recovery Environment Agent
  • Windows Remote Desktop Services
  • Windows Security Account Manager
  • Windows Smart Card
  • Windows SmartScreen
  • Windows SPNEGO Extended Negotiation
  • Windows Telephony Service
  • Windows Themes
  • Windows UPnP Device Host
  • Windows Virtual Trusted Platform Module
  • Windows Virtualization-Based Security (VBS) Enclave
  • Windows Web Threat Defense User Service
  • Windows Win32K - GRFX
  • Windows WLAN Auto Config Service

 

CVE-2025-21333CVE-2025-21334 and CVE-2025-21335 are being exploited in the wild and an attacker who successfully exploits this vulnerability could gain SYSTEM privileges.  

Please contact the Matsco Solutions team on the below if you would like any further information or would like to schedule a maintenance.

support@matscosolutions.com

Beijing  +86 400 120 2782
Hong Kong  +852 8101 8418
London   +44 (0)20 7821 4950
New York  +1 866 446 9226
Singapore  +65 6100 1090

Share this Post