High Threat Security Alert (A25-01-07): Multiple Vulnerabilities in Microsoft Products (January 2025)

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:
https://msrc.microsoft.com/update-guide/releaseNote/2025-Jan

Reports indicated that the elevation of privilege vulnerabilities (CVE-2025-21333, CVE-2025-21334 and CVE-2025-21335) in Microsoft Windows and Server are being exploited in the wild and the technical details of vulnerabilities (CVE-2025-21186, CVE-2025-21275, CVE-2025-21308, CVE-2025-21366 and CVE-2025-21395) in Microsoft Windows and Server as well as Microsoft Office, Access and 365 Apps for Enterprise were publicly disclosed. In addition, multiple vulnerabilities (CVE-2025-21298, CVE-2025-21307 and CVE-2025-21311) in Microsoft Windows and Server are also at a high risk of exploitation. System administrators and users are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• Microsoft Windows 10, 11
• Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 2022, 2022, 23H2 Edition, 2025
• Microsoft Edge prior to version 131.0.2903.147
• Microsoft Office 2016, 2019, LTSC 2021, LTSC 2024, LTSC for Mac 2021, LTSC for Mac 2024
• Microsoft Office for Android, for iOS, for Mac, for Universal
• Microsoft Excel 2016
• Microsoft Outlook 2016
• Microsoft Outlook for Mac
• Microsoft 365 Apps for Enterprise
• Microsoft Access 2016
• Microsoft SharePoint Enterprise Server 2016
• Microsoft SharePoint Server 2019, Subscription Edition
• Microsoft Visual Studio 2017, 2019, 2022
• Microsoft .NET Framework 3.5, 4.6, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
• .NET 8.0 installed, 8.0 installed on Linux, 8.0 installed on Mac OS, 9.0 installed, 9.0 installed on Linux, 9.0 installed on Mac OS
• Microsoft AutoUpdate for Mac
• Microsoft OneNote for Mac
• Office Online Server
• On-Premises Data Gateway
• Power Automate for Desktop

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security feature bypass or spoofing on an affected system.

Recommendation:

Patches for affected systems are available from the Windows Update / Microsoft Update Catalog. System administrators and users of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

More Information:

• https://msrc.microsoft.com/update-guide/releaseNote/2025-Jan
• https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#january-10-2025
• https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-january-2025
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7344
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50338
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0291
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21171 (to CVE-2025-21173)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21176
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21178
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21186 (to CVE-2025-21187)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21189
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21193
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21202
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21207
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21210 (to CVE-2025-21211)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21213 (to CVE-2025-21215)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21217 (to CVE-2025-21220)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21223 (to CVE-2025-21246)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21248 (to CVE-2025-21252)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21255 (to CVE-2025-21258)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21260 (to CVE-2025-21261)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21263
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21265 (to CVE-2025-21266)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21268 (to CVE-2025-21278)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21280 (to CVE-2025-21282)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21284 (to CVE-2025-21321)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21323 (to CVE-2025-21324)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21326 (to CVE-2025-21336)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21338 (to CVE-2025-21341)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21343 (to CVE-2025-21346)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21348
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21354
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21356 (to CVE-2025-21357)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21360 (to CVE-2025-21366)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21370
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21372
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21374
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21378
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21382
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21389
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21393
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21395
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21402 (to CVE-2025-21403)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21405
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21409
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21411
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21413
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21417