Microsoft January 2025 Security Updates

Security 10821 Published 2025-01-14 21:36 by Philipp Esselbach

News

Microsoft has issued 159 security updates for January 2025, addressing a range of vulnerabilities. The updates encompass a resolution for .NET, .NET Framework, Visual Studio, Microsoft Office Access, Power Automate, Windows MapUrlToZone, Active Directory Federation Services, Windows Recovery Environment Agent, Windows Connected Devices Platform Service, Windows Virtual Trusted Platform Module, Windows Boot Loader, Windows BitLocker, Windows Boot Manager, Windows Mark of the Web, Windows Kerberos, Windows Message Queuing, Windows Telephony Service, Line Printer Daemon Service (LPD), Windows Remote Desktop Services, Windows Digital Media, IP Helper, Windows PrintWorkflowUserSvc, and other related services.

January 2025 Security Updates

This release consists of the following 159 Microsoft CVEs:

Tag CVE Base Score FAQs? Workarounds? Mitigations?
.NET CVE-2025-21171 8.1 Yes No No
.NET and Visual Studio CVE-2025-21172 7.5 Yes No No
.NET CVE-2025-21173 8.0 Yes No No
.NET, .NET Framework, Visual Studio CVE-2025-21176 8.8 Yes No No
Visual Studio CVE-2025-21178 8.8 Yes No No
Microsoft Office Access CVE-2025-21186 7.8 Yes No No
Power Automate CVE-2025-21187 7.8 Yes No No
Windows MapUrlToZone CVE-2025-21189 4.3 Yes No No
Active Directory Federation Services CVE-2025-21193 6.5 Yes No No
Windows Recovery Environment Agent CVE-2025-21202 6.1 Yes No No
Windows Connected Devices Platform Service CVE-2025-21207 7.5 Yes No No
Windows Virtual Trusted Platform Module CVE-2025-21210 4.2 Yes No No
Windows Boot Loader CVE-2025-21211 6.8 Yes No No
Windows BitLocker CVE-2025-21213 4.6 Yes No No
Windows BitLocker CVE-2025-21214 4.2 Yes No No
Windows Boot Manager CVE-2025-21215 4.6 Yes No No
Windows Mark of the Web (MOTW) CVE-2025-21217 6.5 Yes No No
Windows Kerberos CVE-2025-21218 7.5 Yes No No
Windows MapUrlToZone CVE-2025-21219 4.3 Yes No No
Windows Message Queuing CVE-2025-21220 7.5 Yes No No
Windows Telephony Service CVE-2025-21223 8.8 Yes No No
Line Printer Daemon Service (LPD) CVE-2025-21224 8.1 Yes No Yes
Windows Remote Desktop Services CVE-2025-21225 5.9 Yes No No
Windows Digital Media CVE-2025-21226 6.6 Yes No No
Windows Digital Media CVE-2025-21227 6.6 Yes No No
Windows Digital Media CVE-2025-21228 6.6 Yes No No
Windows Digital Media CVE-2025-21229 6.6 Yes No No
Windows Message Queuing CVE-2025-21230 7.5 Yes No No
IP Helper CVE-2025-21231 7.5 Yes No No
Windows Digital Media CVE-2025-21232 6.6 Yes No No
Windows Telephony Service CVE-2025-21233 8.8 Yes No No
Windows PrintWorkflowUserSvc CVE-2025-21234 7.8 Yes No No
Windows PrintWorkflowUserSvc CVE-2025-21235 7.8 Yes No No
Windows Telephony Service CVE-2025-21236 8.8 Yes No No
Windows Telephony Service CVE-2025-21237 8.8 Yes No No
Windows Telephony Service CVE-2025-21238 8.8 Yes No No
Windows Telephony Service CVE-2025-21239 8.8 Yes No No
Windows Telephony Service CVE-2025-21240 8.8 Yes No No
Windows Telephony Service CVE-2025-21241 8.8 Yes No No
Windows Kerberos CVE-2025-21242 5.9 Yes No No
Windows Telephony Service CVE-2025-21243 8.8 Yes No No
Windows Telephony Service CVE-2025-21244 8.8 Yes No No
Windows Telephony Service CVE-2025-21245 8.8 Yes No No
Windows Telephony Service CVE-2025-21246 8.8 Yes No No
Windows Telephony Service CVE-2025-21248 8.8 Yes No No
Windows Digital Media CVE-2025-21249 6.6 Yes No No
Windows Telephony Service CVE-2025-21250 8.8 Yes No No
Windows Message Queuing CVE-2025-21251 7.5 Yes No No
Windows Telephony Service CVE-2025-21252 8.8 Yes No No
Windows Digital Media CVE-2025-21255 6.6 Yes No No
Windows Digital Media CVE-2025-21256 6.6 Yes No No
Windows WLAN Auto Config Service CVE-2025-21257 5.5 Yes No No
Windows Digital Media CVE-2025-21258 6.6 Yes No No
Windows Digital Media CVE-2025-21260 6.6 Yes No No
Windows Digital Media CVE-2025-21261 6.6 Yes No No
Windows Digital Media CVE-2025-21263 6.6 Yes No No
Windows Digital Media CVE-2025-21265 6.6 Yes No No
Windows Telephony Service CVE-2025-21266 8.8 Yes No No
Windows MapUrlToZone CVE-2025-21268 4.3 Yes No No
Windows MapUrlToZone CVE-2025-21269 4.3 Yes No No
Windows Message Queuing CVE-2025-21270 7.5 Yes No No
Windows Cloud Files Mini Filter Driver CVE-2025-21271 7.8 Yes No No
Windows COM CVE-2025-21272 6.5 Yes No No
Windows Telephony Service CVE-2025-21273 8.8 Yes No No
Windows Event Tracing CVE-2025-21274 5.5 Yes No No
Windows Installer CVE-2025-21275 7.8 Yes No No
Windows MapUrlToZone CVE-2025-21276 7.5 Yes No No
Windows Message Queuing CVE-2025-21277 7.5 Yes No No
Windows Remote Desktop Services CVE-2025-21278 6.2 No No No
Windows Virtual Trusted Platform Module CVE-2025-21280 5.5 Yes No No
Windows COM CVE-2025-21281 7.8 Yes No No
Windows Telephony Service CVE-2025-21282 8.8 Yes No No
Windows Virtual Trusted Platform Module CVE-2025-21284 5.5 Yes No No
Windows Message Queuing CVE-2025-21285 7.5 Yes No No
Windows Telephony Service CVE-2025-21286 8.8 Yes No No
Windows Installer CVE-2025-21287 7.8 Yes No No
Windows COM CVE-2025-21288 6.5 Yes No No
Windows Message Queuing CVE-2025-21289 7.5 Yes No No
Windows Message Queuing CVE-2025-21290 7.5 Yes No No
Windows Direct Show CVE-2025-21291 8.8 Yes No No
Microsoft Windows Search Component CVE-2025-21292 8.8 Yes No No
Active Directory Domain Services CVE-2025-21293 8.8 Yes No No
Microsoft Digest Authentication CVE-2025-21294 8.1 Yes No No
Windows SPNEGO Extended Negotiation CVE-2025-21295 8.1 Yes No No
BranchCache CVE-2025-21296 7.5 Yes No No
Windows Remote Desktop Services CVE-2025-21297 8.1 Yes No No
Windows OLE CVE-2025-21298 9.8 Yes Yes No
Windows Kerberos CVE-2025-21299 7.1 Yes No No
Windows UPnP Device Host CVE-2025-21300 7.5 No No No
Windows Geolocation Service CVE-2025-21301 6.5 Yes No No
Windows Telephony Service CVE-2025-21302 8.8 Yes No No
Windows Telephony Service CVE-2025-21303 8.8 Yes No No
Windows DWM Core Library CVE-2025-21304 7.8 Yes No No
Windows Telephony Service CVE-2025-21305 8.8 Yes No No
Windows Telephony Service CVE-2025-21306 8.8 Yes No No
Reliable Multicast Transport Driver (RMCAST) CVE-2025-21307 9.8 Yes No Yes
Windows Themes CVE-2025-21308 6.5 Yes No Yes
Windows Remote Desktop Services CVE-2025-21309 8.1 Yes No No
Windows Digital Media CVE-2025-21310 6.6 Yes No No
Windows NTLM CVE-2025-21311 9.8 Yes No No
Windows Smart Card CVE-2025-21312 2.4 Yes No No
Windows Security Account Manager CVE-2025-21313 6.5 Yes No No
Windows SmartScreen CVE-2025-21314 6.5 Yes No No
Microsoft Brokering File System CVE-2025-21315 7.8 Yes No No
Windows Kernel Memory CVE-2025-21316 5.5 Yes No No
Windows Kernel Memory CVE-2025-21317 5.5 Yes No No
Windows Kernel Memory CVE-2025-21318 5.5 Yes No No
Windows Kernel Memory CVE-2025-21319 5.5 Yes No No
Windows Kernel Memory CVE-2025-21320 5.5 Yes No No
Windows Kernel Memory CVE-2025-21321 5.5 Yes No No
Windows Kernel Memory CVE-2025-21323 5.5 Yes No No
Windows Digital Media CVE-2025-21324 6.6 Yes No No
Internet Explorer CVE-2025-21326 7.8 Yes No No
Windows Digital Media CVE-2025-21327 6.6 Yes No No
Windows MapUrlToZone CVE-2025-21328 4.3 Yes No No
Windows MapUrlToZone CVE-2025-21329 4.3 Yes No No
Windows Remote Desktop Services CVE-2025-21330 7.5 Yes No No
Windows Installer CVE-2025-21331 7.3 Yes No No
Windows MapUrlToZone CVE-2025-21332 4.3 No No No
Windows Hyper-V NT Kernel Integration VSP CVE-2025-21333 7.8 Yes No No
Windows Hyper-V NT Kernel Integration VSP CVE-2025-21334 7.8 Yes No No
Windows Hyper-V NT Kernel Integration VSP CVE-2025-21335 7.8 Yes No No
Windows Cryptographic Services CVE-2025-21336 5.6 Yes No No
Windows Win32K - GRFX CVE-2025-21338 7.8 Yes No No
Windows Telephony Service CVE-2025-21339 8.8 Yes No No
Windows Hello CVE-2025-21340 5.5 Yes No No
Windows Digital Media CVE-2025-21341 6.6 Yes No No
Windows Web Threat Defense User Service CVE-2025-21343 7.5 Yes No No
Microsoft Office SharePoint CVE-2025-21344 7.8 Yes No No
Microsoft Office Visio CVE-2025-21345 7.8 Yes No No
Microsoft Office CVE-2025-21346 7.1 Yes No No
Microsoft Office SharePoint CVE-2025-21348 7.2 Yes No No
Microsoft Office Excel CVE-2025-21354 7.8 Yes No No
Microsoft Office Visio CVE-2025-21356 7.8 Yes No No
Microsoft Office Outlook CVE-2025-21357 6.7 Yes No No
Microsoft AutoUpdate (MAU) CVE-2025-21360 7.8 Yes No No
Microsoft Office Outlook for Mac CVE-2025-21361 7.8 Yes No No
Microsoft Office Excel CVE-2025-21362 7.8 Yes No No
Microsoft Office Word CVE-2025-21363 7.8 Yes No No
Microsoft Office Excel CVE-2025-21364 7.8 Yes No No
Microsoft Office CVE-2025-21365 7.8 Yes No No
Microsoft Office Access CVE-2025-21366 7.8 Yes No No
Windows Virtualization-Based Security (VBS) Enclave CVE-2025-21370 7.8 Yes No No
Microsoft Brokering File System CVE-2025-21372 7.8 Yes No No
Windows Client-Side Caching (CSC) Service CVE-2025-21374 5.5 Yes No No
Windows Client-Side Caching (CSC) Service CVE-2025-21378 7.8 Yes No No
Azure Marketplace SaaS Resources CVE-2025-21380 8.8 Yes No No
Microsoft Graphics Component CVE-2025-21382 7.8 Yes No No
Microsoft Purview CVE-2025-21385 8.8 Yes No No
Windows UPnP Device Host CVE-2025-21389 7.5 No No No
Microsoft Office SharePoint CVE-2025-21393 6.3 Yes No No
Microsoft Office Access CVE-2025-21395 7.8 Yes No No
Microsoft Office OneNote CVE-2025-21402 7.8 Yes No No
Microsoft Azure Gateway Manager CVE-2025-21403 6.4 Yes No No
Visual Studio CVE-2025-21405 7.3 No No No
Windows Telephony Service CVE-2025-21409 8.8 Yes No No
Windows Telephony Service CVE-2025-21411 8.8 Yes No No
Windows Telephony Service CVE-2025-21413 8.8 Yes No No
Windows Telephony Service CVE-2025-21417 8.8 Yes No No

We are republishing 2 non-Microsoft CVEs:

CNA Tag CVE FAQs? Workarounds? Mitigations?
GitHub Visual Studio CVE-2024-50338 Yes No No
CERT CC Windows Secure Boot CVE-2024-7344 Yes No No

Security Update Guide Blog Posts

Date Blog Post
November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files
June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Resources

The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.

Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).
KB Article Applies To
5049981 Windows 10, version 21H2, Windows 10, version 22H2
5049983 Windows Server 2022
5049984 Windows Server 2022, 23H2 Edition (Server Core installation)
5050008 Windows 10, version 1809, Windows Server 2019
5050009 Windows 11, version 24H2
5050021 Windows 11, version 22H2, Windows 11, version 23H2
5050061 Windows Server 2008 (Security-only update)
5050063 Windows Server 2008 (Monthly Rollup)

Security Update Guide - Microsoft Security Response Center

Tag	CVE	Base Score	FAQs?	Workarounds?	Mitigations?
.NET	CVE-2025-21171	8.1	Yes	No	No
.NET and Visual Studio	CVE-2025-21172	7.5	Yes	No	No
.NET	CVE-2025-21173	8.0	Yes	No	No
.NET, .NET Framework, Visual Studio	CVE-2025-21176	8.8	Yes	No	No
Visual Studio	CVE-2025-21178	8.8	Yes	No	No
Microsoft Office Access	CVE-2025-21186	7.8	Yes	No	No
Power Automate	CVE-2025-21187	7.8	Yes	No	No
Windows MapUrlToZone	CVE-2025-21189	4.3	Yes	No	No
Active Directory Federation Services	CVE-2025-21193	6.5	Yes	No	No
Windows Recovery Environment Agent	CVE-2025-21202	6.1	Yes	No	No
Windows Connected Devices Platform Service	CVE-2025-21207	7.5	Yes	No	No
Windows Virtual Trusted Platform Module	CVE-2025-21210	4.2	Yes	No	No
Windows Boot Loader	CVE-2025-21211	6.8	Yes	No	No
Windows BitLocker	CVE-2025-21213	4.6	Yes	No	No
Windows BitLocker	CVE-2025-21214	4.2	Yes	No	No
Windows Boot Manager	CVE-2025-21215	4.6	Yes	No	No
Windows Mark of the Web (MOTW)	CVE-2025-21217	6.5	Yes	No	No
Windows Kerberos	CVE-2025-21218	7.5	Yes	No	No
Windows MapUrlToZone	CVE-2025-21219	4.3	Yes	No	No
Windows Message Queuing	CVE-2025-21220	7.5	Yes	No	No
Windows Telephony Service	CVE-2025-21223	8.8	Yes	No	No
Line Printer Daemon Service (LPD)	CVE-2025-21224	8.1	Yes	No	Yes
Windows Remote Desktop Services	CVE-2025-21225	5.9	Yes	No	No
Windows Digital Media	CVE-2025-21226	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21227	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21228	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21229	6.6	Yes	No	No
Windows Message Queuing	CVE-2025-21230	7.5	Yes	No	No
IP Helper	CVE-2025-21231	7.5	Yes	No	No
Windows Digital Media	CVE-2025-21232	6.6	Yes	No	No
Windows Telephony Service	CVE-2025-21233	8.8	Yes	No	No
Windows PrintWorkflowUserSvc	CVE-2025-21234	7.8	Yes	No	No
Windows PrintWorkflowUserSvc	CVE-2025-21235	7.8	Yes	No	No
Windows Telephony Service	CVE-2025-21236	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21237	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21238	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21239	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21240	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21241	8.8	Yes	No	No
Windows Kerberos	CVE-2025-21242	5.9	Yes	No	No
Windows Telephony Service	CVE-2025-21243	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21244	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21245	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21246	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21248	8.8	Yes	No	No
Windows Digital Media	CVE-2025-21249	6.6	Yes	No	No
Windows Telephony Service	CVE-2025-21250	8.8	Yes	No	No
Windows Message Queuing	CVE-2025-21251	7.5	Yes	No	No
Windows Telephony Service	CVE-2025-21252	8.8	Yes	No	No
Windows Digital Media	CVE-2025-21255	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21256	6.6	Yes	No	No
Windows WLAN Auto Config Service	CVE-2025-21257	5.5	Yes	No	No
Windows Digital Media	CVE-2025-21258	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21260	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21261	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21263	6.6	Yes	No	No
Windows Digital Media	CVE-2025-21265	6.6	Yes	No	No
Windows Telephony Service	CVE-2025-21266	8.8	Yes	No	No
Windows MapUrlToZone	CVE-2025-21268	4.3	Yes	No	No
Windows MapUrlToZone	CVE-2025-21269	4.3	Yes	No	No
Windows Message Queuing	CVE-2025-21270	7.5	Yes	No	No
Windows Cloud Files Mini Filter Driver	CVE-2025-21271	7.8	Yes	No	No
Windows COM	CVE-2025-21272	6.5	Yes	No	No
Windows Telephony Service	CVE-2025-21273	8.8	Yes	No	No
Windows Event Tracing	CVE-2025-21274	5.5	Yes	No	No
Windows Installer	CVE-2025-21275	7.8	Yes	No	No
Windows MapUrlToZone	CVE-2025-21276	7.5	Yes	No	No
Windows Message Queuing	CVE-2025-21277	7.5	Yes	No	No
Windows Remote Desktop Services	CVE-2025-21278	6.2	No	No	No
Windows Virtual Trusted Platform Module	CVE-2025-21280	5.5	Yes	No	No
Windows COM	CVE-2025-21281	7.8	Yes	No	No
Windows Telephony Service	CVE-2025-21282	8.8	Yes	No	No
Windows Virtual Trusted Platform Module	CVE-2025-21284	5.5	Yes	No	No
Windows Message Queuing	CVE-2025-21285	7.5	Yes	No	No
Windows Telephony Service	CVE-2025-21286	8.8	Yes	No	No
Windows Installer	CVE-2025-21287	7.8	Yes	No	No
Windows COM	CVE-2025-21288	6.5	Yes	No	No
Windows Message Queuing	CVE-2025-21289	7.5	Yes	No	No
Windows Message Queuing	CVE-2025-21290	7.5	Yes	No	No
Windows Direct Show	CVE-2025-21291	8.8	Yes	No	No
Microsoft Windows Search Component	CVE-2025-21292	8.8	Yes	No	No
Active Directory Domain Services	CVE-2025-21293	8.8	Yes	No	No
Microsoft Digest Authentication	CVE-2025-21294	8.1	Yes	No	No
Windows SPNEGO Extended Negotiation	CVE-2025-21295	8.1	Yes	No	No
BranchCache	CVE-2025-21296	7.5	Yes	No	No
Windows Remote Desktop Services	CVE-2025-21297	8.1	Yes	No	No
Windows OLE	CVE-2025-21298	9.8	Yes	Yes	No
Windows Kerberos	CVE-2025-21299	7.1	Yes	No	No
Windows UPnP Device Host	CVE-2025-21300	7.5	No	No	No
Windows Geolocation Service	CVE-2025-21301	6.5	Yes	No	No
Windows Telephony Service	CVE-2025-21302	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21303	8.8	Yes	No	No
Windows DWM Core Library	CVE-2025-21304	7.8	Yes	No	No
Windows Telephony Service	CVE-2025-21305	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21306	8.8	Yes	No	No
Reliable Multicast Transport Driver (RMCAST)	CVE-2025-21307	9.8	Yes	No	Yes
Windows Themes	CVE-2025-21308	6.5	Yes	No	Yes
Windows Remote Desktop Services	CVE-2025-21309	8.1	Yes	No	No
Windows Digital Media	CVE-2025-21310	6.6	Yes	No	No
Windows NTLM	CVE-2025-21311	9.8	Yes	No	No
Windows Smart Card	CVE-2025-21312	2.4	Yes	No	No
Windows Security Account Manager	CVE-2025-21313	6.5	Yes	No	No
Windows SmartScreen	CVE-2025-21314	6.5	Yes	No	No
Microsoft Brokering File System	CVE-2025-21315	7.8	Yes	No	No
Windows Kernel Memory	CVE-2025-21316	5.5	Yes	No	No
Windows Kernel Memory	CVE-2025-21317	5.5	Yes	No	No
Windows Kernel Memory	CVE-2025-21318	5.5	Yes	No	No
Windows Kernel Memory	CVE-2025-21319	5.5	Yes	No	No
Windows Kernel Memory	CVE-2025-21320	5.5	Yes	No	No
Windows Kernel Memory	CVE-2025-21321	5.5	Yes	No	No
Windows Kernel Memory	CVE-2025-21323	5.5	Yes	No	No
Windows Digital Media	CVE-2025-21324	6.6	Yes	No	No
Internet Explorer	CVE-2025-21326	7.8	Yes	No	No
Windows Digital Media	CVE-2025-21327	6.6	Yes	No	No
Windows MapUrlToZone	CVE-2025-21328	4.3	Yes	No	No
Windows MapUrlToZone	CVE-2025-21329	4.3	Yes	No	No
Windows Remote Desktop Services	CVE-2025-21330	7.5	Yes	No	No
Windows Installer	CVE-2025-21331	7.3	Yes	No	No
Windows MapUrlToZone	CVE-2025-21332	4.3	No	No	No
Windows Hyper-V NT Kernel Integration VSP	CVE-2025-21333	7.8	Yes	No	No
Windows Hyper-V NT Kernel Integration VSP	CVE-2025-21334	7.8	Yes	No	No
Windows Hyper-V NT Kernel Integration VSP	CVE-2025-21335	7.8	Yes	No	No
Windows Cryptographic Services	CVE-2025-21336	5.6	Yes	No	No
Windows Win32K - GRFX	CVE-2025-21338	7.8	Yes	No	No
Windows Telephony Service	CVE-2025-21339	8.8	Yes	No	No
Windows Hello	CVE-2025-21340	5.5	Yes	No	No
Windows Digital Media	CVE-2025-21341	6.6	Yes	No	No
Windows Web Threat Defense User Service	CVE-2025-21343	7.5	Yes	No	No
Microsoft Office SharePoint	CVE-2025-21344	7.8	Yes	No	No
Microsoft Office Visio	CVE-2025-21345	7.8	Yes	No	No
Microsoft Office	CVE-2025-21346	7.1	Yes	No	No
Microsoft Office SharePoint	CVE-2025-21348	7.2	Yes	No	No
Microsoft Office Excel	CVE-2025-21354	7.8	Yes	No	No
Microsoft Office Visio	CVE-2025-21356	7.8	Yes	No	No
Microsoft Office Outlook	CVE-2025-21357	6.7	Yes	No	No
Microsoft AutoUpdate (MAU)	CVE-2025-21360	7.8	Yes	No	No
Microsoft Office Outlook for Mac	CVE-2025-21361	7.8	Yes	No	No
Microsoft Office Excel	CVE-2025-21362	7.8	Yes	No	No
Microsoft Office Word	CVE-2025-21363	7.8	Yes	No	No
Microsoft Office Excel	CVE-2025-21364	7.8	Yes	No	No
Microsoft Office	CVE-2025-21365	7.8	Yes	No	No
Microsoft Office Access	CVE-2025-21366	7.8	Yes	No	No
Windows Virtualization-Based Security (VBS) Enclave	CVE-2025-21370	7.8	Yes	No	No
Microsoft Brokering File System	CVE-2025-21372	7.8	Yes	No	No
Windows Client-Side Caching (CSC) Service	CVE-2025-21374	5.5	Yes	No	No
Windows Client-Side Caching (CSC) Service	CVE-2025-21378	7.8	Yes	No	No
Azure Marketplace SaaS Resources	CVE-2025-21380	8.8	Yes	No	No
Microsoft Graphics Component	CVE-2025-21382	7.8	Yes	No	No
Microsoft Purview	CVE-2025-21385	8.8	Yes	No	No
Windows UPnP Device Host	CVE-2025-21389	7.5	No	No	No
Microsoft Office SharePoint	CVE-2025-21393	6.3	Yes	No	No
Microsoft Office Access	CVE-2025-21395	7.8	Yes	No	No
Microsoft Office OneNote	CVE-2025-21402	7.8	Yes	No	No
Microsoft Azure Gateway Manager	CVE-2025-21403	6.4	Yes	No	No
Visual Studio	CVE-2025-21405	7.3	No	No	No
Windows Telephony Service	CVE-2025-21409	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21411	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21413	8.8	Yes	No	No
Windows Telephony Service	CVE-2025-21417	8.8	Yes	No	No

CNA	Tag	CVE	FAQs?	Workarounds?	Mitigations?
GitHub	Visual Studio	CVE-2024-50338	Yes	No	No
CERT CC	Windows Secure Boot	CVE-2024-7344	Yes	No	No

Date	Blog Post
November 12, 2024	Toward greater transparency: Publishing machine-readable CSAF files
June 27, 2024	Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024	Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023	Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022	Coming Soon: New Security Update Guide Notification System
February 9, 2021	Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021	Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020	Security Update Guide: Let’s keep the conversation going
November 9, 2020	Vulnerability Descriptions in the New Version of the Security Update Guide

KB Article	Applies To
5049981	Windows 10, version 21H2, Windows 10, version 22H2
5049983	Windows Server 2022
5049984	Windows Server 2022, 23H2 Edition (Server Core installation)
5050008	Windows 10, version 1809, Windows Server 2019
5050009	Windows 11, version 24H2
5050021	Windows 11, version 22H2, Windows 11, version 23H2
5050061	Windows Server 2008 (Security-only update)
5050063	Windows Server 2008 (Monthly Rollup)

Bloatynosy 1.0.20 released

Microsoft January 2025 Security Updates

January 2025 Security Updates

This release consists of the following 159 Microsoft CVEs:

We are republishing 2 non-Microsoft CVEs:

Security Update Guide Blog Posts

Relevant Resources

Known Issues

Windows

Linux

macOS

Community