Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs

On January 14, Microsoft released its January 2025 Patch Tuesday release which patched 157 CVEs with 10 rated as critical and 147 rated as important.

Of the 157 CVEs patched this month, there were eight zero-days, including three that were exploited in the wild (CVE-2025-21333, CVE-2025-21334 and CVE-2025-21335) and five that were publicly disclosed (CVE-2025-21186, CVE-2025-21366, CVE-2025-21395, CVE-2025-21308, CVE-2025-21275) prior to a patches being made available.

This month’s update includes patches for:

• .NET
• .NET and Visual Studio
• .NET,.NET Framework, Visual Studio
• Active Directory Domain Services
• Active Directory Federation Services
• Azure Marketplace SaaS Resources
• BranchCache
• IP Helper
• Internet Explorer
• Line Printer Daemon Service (LPD)
• Microsoft AutoUpdate (MAU)
• Microsoft Azure Gateway Manager
• Microsoft Brokering File System
• Microsoft Digest Authentication
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office Access
• Microsoft Office Excel
• Microsoft Office OneNote
• Microsoft Office Outlook
• Microsoft Office Outlook for Mac
• Microsoft Office SharePoint
• Microsoft Office Visio
• Microsoft Office Word
• Microsoft Purview
• Microsoft Windows Search Component
• Power Automate
• Reliable Multicast Transport Driver (RMCAST)
• Visual Studio
• Windows BitLocker
• Windows Boot Loader
• Windows Boot Manager
• Windows COM
• Windows Client-Side Caching (CSC) Service
• Windows Cloud Files Mini Filter Driver
• Windows Connected Devices Platform Service
• Windows Cryptographic Services
• Windows DWM Core Library
• Windows Digital Media
• Windows Direct Show
• Windows Event Tracing
• Windows Geolocation Service
• Windows Hello
• Windows Hyper-V NT Kernel Integration VSP
• Windows Installer
• Windows Kerberos
• Windows Kernel Memory
• Windows MapUrlToZone
• Windows Mark of the Web (MOTW)
• Windows Message Queuing
• Windows NTLM
• Windows OLE
• Windows PrintWorkflowUserSvc
• Windows Recovery Environment Agent
• Windows Remote Desktop Services
• Windows SPNEGO Extended Negotiation
• Windows Security Account Manager
• Windows Smart Card
• Windows SmartScreen
• Windows Telephony Service
• Windows Themes
• Windows UPnP Device Host
• Windows Virtual Trusted Platform Module
• Windows Virtualization-Based Security (VBS) Enclave
• Windows WLAN Auto Config Service
• Windows Web Threat Defense User Service
• Windows Win32K - GRFX

For more information, please visit our blog.