{"id":62615,"date":"2025-01-30T11:16:53","date_gmt":"2025-01-30T11:16:53","guid":{"rendered":"https:\/\/www.n-able.com\/?p=62615"},"modified":"2025-01-30T11:16:53","modified_gmt":"2025-01-30T11:16:53","slug":"patch-tuesday-january-2025","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/es\/blog\/patch-tuesday-january-2025","title":{"rendered":"Patch Tuesday January 2025: Three Hyper-V Zero-days and New Outlook in Windows 10"},"content":{"rendered":"

The January 2025 updates from Microsoft brings fixes for a large number of vulnerabilities, including three zero-day vulnerabilities that are Under Active Exploitation that affect Windows Hyper-V, and five more Publicly Disclosed zero-days that are marked as Exploitation Less Likely, but should still receive attention via mitigation through patching and additional mitigation measures. Microsoft is also forcing New Outlook<\/a> to Windows 10 devices enrolled in preview updates, which will require the attention of MSPs that don\u2019t want to see their helpdesk queues backup with user complaints about unfamiliarity with a new version of Outlook suddenly appearing. <\/span><\/p>\n

Microsoft Vulnerabilities <\/span><\/h1>\n

A total of 159 vulnerabilities were addressed with fixes for January\u2019s Patch Tuesday, including the above zero-days, as well as fixes that improve Windows 10 22H2 and Windows 10 21H2 resiliency against Bring Your Own Vulnerable Driver (BYOVD)<\/a> attacks. On top of this, there are also fixes for 17 vulnerabilities marked as Exploitation More Likely, so you will need to make sure you factor these into your planning for this month\u2019s patching. As always make sure you consider temporal elements such as likelihood of exploitation to ensure proper risk management. <\/span><\/p>\n

CVE-2025-21333<\/a>, CVE-2025-21334<\/a>, and CVE-2025-21335<\/a> are the three zero-days Under Active Exploitation that all involve Windows Hyper-V. They are all privilege escalation vulnerabilities and are of note for IT admins and MSPs as these vulnerabilities don\u2019t affect just servers running the Hyper-V role, they also affect Windows 10 and Windows 11. Hyper-V has become the modern Windows OS equivalent of Internet Explorer; deeply embedded in systems and used for things you would never expect it to be a part of, and that keeps poking it\u2019s head up where you least expect it in vulnerability reports. As zero-days Under Exploitation and with a wide install base of affected Windows 10 and Windows 11 devices, you should put these at the top of your priority list. <\/span><\/p>\n

CVE-2025-21186<\/a>, and CVE-2025-21366<\/a> is a remote code execution vulnerability affecting Microsoft Office 2016, 2019, 2021, 2024, Microsoft 365 Apps and Microsoft Access 2016 through the use of modified Microsoft Access documents. Microsoft guidance to address these vulnerabilities is to apply security updates through normal patching and Microsoft Office\u2019s Click to Run update mechanism. In addition, you may consider adding the following file extensions to your email filter solution to reduce chances for exposure, and to gain some breathing room to ensure all affected devices are updated:<\/span><\/p>\n