Microsoft's January 2025 Patch Tuesday includes updates for 159 vulnerabilities, addressing eight zero-day flaws, three of which have been actively exploited. The updates also fix 12 Critical vulnerabilities, covering information disclosure, privilege escalation, and remote code execution.
Three actively exploited zero-day vulnerabilities were patched: CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335.
Microsoft also addressed five publicly disclosed zero-day vulnerabilities:
CVE-2025-21275: A Windows App Package Installer flaw enabling SYSTEM privilege escalation.
CVE-2025-21308: A Windows Themes spoofing vulnerability allowing NTLM credentials to be exposed when viewing malicious theme files. This can be mitigated by disabling NTLM or enabling strict outgoing NTLM policies.
CVE-2025-21186, CVE-2025-21366, CVE-2025-21395: Remote code execution vulnerabilities in Microsoft Access, triggered by opening malicious Access documents. Mitigation includes blocking specific Access file types sent via email.
All users are advised to apply these updates promptly to protect against potential exploitation.
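To verify the outgoing-NTLM mitigation mentioned for CVE-2025-21308, the following added example (not from the original page or from Microsoft) reads the local registry values that back the "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers" policy and its server exception list. The function name `Get-OutgoingNtlmPolicy` is hypothetical, and the script assumes it runs locally on the Windows host being checked.

```powershell
# Added example: report whether this host restricts outgoing NTLM traffic.
# Get-OutgoingNtlmPolicy is a hypothetical helper name, not a built-in cmdlet.
function Get-OutgoingNtlmPolicy {
    [CmdletBinding()]
    param(
        # Registry key that stores the "Restrict NTLM" security options.
        [string]$Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
    )

    # RestrictSendingNTLMTraffic: 0 = Allow all, 1 = Audit all, 2 = Deny all.
    $labels = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }

    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue

    # A missing value means the policy is not configured, which behaves as "Allow all".
    $raw = $null
    if ($props -and $props.PSObject.Properties['RestrictSendingNTLMTraffic']) {
        $raw = [int]$props.RestrictSendingNTLMTraffic
    }
    $effective = 0
    if ($null -ne $raw) { $effective = $raw }

    # ClientAllowedNTLMServers lists servers exempted from a "Deny all" setting.
    $exceptions = @()
    if ($props -and $props.PSObject.Properties['ClientAllowedNTLMServers']) {
        $exceptions = @($props.ClientAllowedNTLMServers | Where-Object { $_ })
    }

    $setting = "Unknown ($effective)"
    if ($labels.ContainsKey($effective)) { $setting = $labels[$effective] }

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        Configured       = ($null -ne $raw)
        Setting          = $setting
        BlocksOutgoing   = ($effective -eq 2)
        ServerExceptions = $exceptions
    }
}

Get-OutgoingNtlmPolicy | Format-List
```

A host reporting `BlocksOutgoing : False`, or a long `ServerExceptions` list, still permits outgoing NTLM authentication to at least some remote servers.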