Microsoft's latest batch of security patches includes an extended blacklist for certain Windows kernel vulnerable drivers and fixes for various elevation of privilege vulnerabilities. The January 2025 security update addressed 159 vulnerabilities.
Security updates need to be applied to keep software up to date. However, early versions of patches can be unreliable, so they should be approached with caution and deployed in test environments first.
Microsoft updates the Vulnerable Drivers blacklist
The January 2025 Security Update for Windows 11, version 24H2, expands the list of vulnerable drivers that can be used in Bring Your Own Vulnerable Driver (BYOVD) attacks. BYOVD vulnerabilities in kernel drivers could allow threat actors to sneak malware into the kernel.
“The Vulnerable Driver Blocklist is designed to help harden systems against non-Microsoft developed drivers across the Windows ecosystem,” according to Microsoft’s recommended driver block rules.
Windows Hyper-V NT Kernel Integration VSP vulnerabilities fixed
Microsoft has released patches for three Windows Hyper-V NT Kernel Integration VSP elevation of privilege vulnerabilities that have already been exploited: CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. By successfully exploiting any of them, an attacker could have gained SYSTEM privileges.
A few vulnerabilities score high on the CVSS severity scale
Other important CVEs in this update include a remote code execution vulnerability in Object Linking and Embedding (OLE), a technology that enables linking in Microsoft Outlook. This vulnerability has a severity score of 9.8, but has not been exploited in the wild.
Likewise, an elevation of privilege vulnerability in the NTLMv1 protocol has a score of 9.8 but has not been publicly exploited. The third vulnerability with a score of 9.8 patched in January is a remote code execution vulnerability in the Windows Reliable Multicast Transport Driver.
Citrix components may interfere with the installation of the January Security Update
Users with Citrix components on their computers may not be able to install the January 2025 Windows Security Update, Microsoft pointed out. Microsoft and Citrix are working on a fix, and Citrix has provided a solution.
Downloads or automatic fixes available for other vulnerabilities
Microsoft is aware of some other issues with the latest Windows 11 build. OpenSSH (Open Secure Shell) may not open for users who have installed the October 2024 Security Update. Microsoft has released a fix. Meanwhile, Arm users can only access the video game Roblox directly for now, as opposed to through the Microsoft Store on Windows.
On January 7, Microsoft released an update to PowerPoint 2016. The team fixed an issue in which OLE could automatically load and instantiate in PowerPoint. Users with Microsoft Update will receive the patch automatically, or it can be downloaded manually.
In January, Microsoft highlighted one patch from outside its ecosystem: CVE-2024-50338, an information disclosure vulnerability in Git for Microsoft Visual Studio, has been fixed. The vulnerability could expose secret or privileged information belonging to Visual Studio users.