January, 2025: Patch Tuesday - 8 Zero Days and 14 Critical

Welcome to my January Patch Tuesday newsletter. We are starting the year off catching up after a slow December last year. Today Microsoft released updates for 159 vulnerabilities, plus an additional 10 in the past 30 days, for a total of 169 patches within the past month. There are a total of 8 zero days: 5 that are public and 3 that are exploited, but at this point none that are both.

In addition to these, there are another 14 critical updates this month. 8 of these affect the Windows OS, 3 of the remaining affect Azure Marketplace SaaS, Defender for Endpoint for Windows and the MS Update Catalog, and the final 3 affect various MS Office products. Be sure to check the chart below for more information.

Many of you are familiar with my Security Log Encyclopedia. This past week I published what I am calling the "Windows Event Collection Encyclopedia" over at LOGbinder.com. It outlines WEC and all its moving parts and pieces as well as using WEC with non-AD / Entra-joined machines. Whether you know little about Windows event collection or are an expert, I am sure that you will benefit from it.

Happy patching!

Patch data provided by:

LOGbinder.com

Technology | Products Affected | Severity | Reference | Workaround / Exploited / Publicly Disclosed | Vulnerability Info

Technology: Windows
Products Affected: Windows 10, 11; Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations
Severity: Critical
Reference:
CVE-2024-7344
CVE-2025-21189
CVE-2025-21193
CVE-2025-21202
CVE-2025-21207
CVE-2025-21210
CVE-2025-21211
CVE-2025-21213
CVE-2025-21214
CVE-2025-21215
CVE-2025-21217
CVE-2025-21218
CVE-2025-21219
CVE-2025-21220
CVE-2025-21223
CVE-2025-21224
CVE-2025-21225
CVE-2025-21226
CVE-2025-21227
CVE-2025-21228
CVE-2025-21229
CVE-2025-21230
CVE-2025-21231
CVE-2025-21232
CVE-2025-21233
CVE-2025-21234
CVE-2025-21235
CVE-2025-21236
CVE-2025-21237
CVE-2025-21238
CVE-2025-21239
CVE-2025-21240
CVE-2025-21241
CVE-2025-21242
CVE-2025-21243
CVE-2025-21244
CVE-2025-21245
CVE-2025-21246
CVE-2025-21248
CVE-2025-21249
CVE-2025-21250
CVE-2025-21251
CVE-2025-21252
CVE-2025-21255
CVE-2025-21256
CVE-2025-21257
CVE-2025-21258
CVE-2025-21260
CVE-2025-21261
CVE-2025-21263
CVE-2025-21265
CVE-2025-21266
CVE-2025-21268
CVE-2025-21269
CVE-2025-21270
CVE-2025-21271
CVE-2025-21272
CVE-2025-21273
CVE-2025-21274
CVE-2025-21275**
CVE-2025-21276
CVE-2025-21277
CVE-2025-21278
CVE-2025-21280
CVE-2025-21281
CVE-2025-21282
CVE-2025-21284
CVE-2025-21285
CVE-2025-21286
CVE-2025-21287
CVE-2025-21288
CVE-2025-21289
CVE-2025-21290
CVE-2025-21291
CVE-2025-21292
CVE-2025-21293
CVE-2025-21294
CVE-2025-21295
CVE-2025-21296
CVE-2025-21297
CVE-2025-21298
CVE-2025-21299
CVE-2025-21300
CVE-2025-21301
CVE-2025-21302
CVE-2025-21303
CVE-2025-21304
CVE-2025-21305
CVE-2025-21306
CVE-2025-21307
CVE-2025-21308**
CVE-2025-21309
CVE-2025-21310
CVE-2025-21311
CVE-2025-21312
CVE-2025-21313
CVE-2025-21314
CVE-2025-21315
CVE-2025-21316
CVE-2025-21317
CVE-2025-21318
CVE-2025-21319
CVE-2025-21320
CVE-2025-21321
CVE-2025-21323
CVE-2025-21324
CVE-2025-21326
CVE-2025-21327
CVE-2025-21328
CVE-2025-21329
CVE-2025-21330
CVE-2025-21331
CVE-2025-21332
CVE-2025-21333*
CVE-2025-21334*
CVE-2025-21335*
CVE-2025-21336
CVE-2025-21338
CVE-2025-21339
CVE-2025-21340
CVE-2025-21341
CVE-2025-21343
CVE-2025-21370
CVE-2025-21372
CVE-2025-21374
CVE-2025-21378
CVE-2025-21382
CVE-2025-21389
CVE-2025-21409
CVE-2025-21411
CVE-2025-21413
CVE-2025-21417
Workaround: No
Exploited: Yes*
Public: Yes**
Vulnerability Info: Denial of Service; Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass; Spoofing

Technology: Edge
Products Affected: Chromium-based
Severity: High (Google rating)
Reference:
CVE-2024-12381
CVE-2024-12382
CVE-2024-12692
CVE-2024-12693
CVE-2024-12694
CVE-2024-12695
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Type Confusion; Use After Free; Out of Bounds

Technology: Office
Products Affected: 365 Apps for Enterprise; Access/Excel/Outlook 2016; Office 2016, 2019; LTSC 2021, 2024 including for Mac; AutoUpdate/OneNote/Outlook for Mac; Office for Android, iOS, Mac and Universal; Online Server; Purview
Severity: Critical
Reference:
CVE-2025-21186**
CVE-2025-21338
CVE-2025-21345
CVE-2025-21346
CVE-2025-21354
CVE-2025-21356
CVE-2025-21357
CVE-2025-21360
CVE-2025-21361
CVE-2025-21362
CVE-2025-21363
CVE-2025-21364
CVE-2025-21365
CVE-2025-21366**
CVE-2025-21385
CVE-2025-21395**
CVE-2025-21402
Workaround: No
Exploited: No
Public: Yes**
Vulnerability Info: Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass

Technology: SharePoint
Products Affected: Enterprise Server 2016; Server 2019; Server Subscription Edition
Severity: Important
Reference:
CVE-2025-21344
CVE-2025-21348
CVE-2025-21393
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Remote Code Execution; Spoofing

Technology: Azure
Products Affected: Marketplace SaaS; On-Premises Data Gateway
Severity: Critical
Reference:
CVE-2025-21380
CVE-2025-21403
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Information Disclosure

Technology: .NET
Products Affected: 8.0/9.0 on Linux, macOS, Windows; 3.5, 4.6, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
Severity: Important
Reference:
CVE-2025-21171
CVE-2025-21172
CVE-2025-21173
CVE-2025-21176
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Remote Code Execution

Technology: Visual Studio
Products Affected: 15.0 - 15.9, 16.11, 17.10, 17.12, 17.6, 17.8
Severity: Important
Reference:
CVE-2024-50338
CVE-2025-21171
CVE-2025-21172
CVE-2025-21173
CVE-2025-21176
CVE-2025-21178
CVE-2025-21405
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege; Information Disclosure; Remote Code Execution

Technology: System Center
Products Affected: Defender for Endpoint for Windows
Severity: Critical
Reference:
CVE-2024-49071
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Information Disclosure

Technology: Dynamics
Products Affected: Power Automate for Desktop
Severity: Important
Reference:
CVE-2025-21187
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Remote Code Execution

Technology: Apps
Products Affected: Microsoft Update Catalog
Severity: Critical
Reference:
CVE-2024-49147
Workaround: No
Exploited: No
Public: No
Vulnerability Info: Elevation of Privilege