Source |
Techworm |
Identifier |
8637765 |
Publication date |
2025-01-15 21:03:35 (seen: 2025-01-15 15:54:31) |
Title |
Microsoft Fixes 8 Zero-Days In January 2025 Patch Tuesday |
Text |
Microsoft recently released its January 2025 Patch Tuesday cumulative update, which included security updates for 159 flaws across Windows OS, Microsoft Office, .NET, Azure, Kerberos, and Windows Hyper-V.
These included eight zero-day vulnerabilities, of which three are under active exploitation and five are publicly known flaws.
“Of the patches released today, 11 are rated Critical, and the other 148 are rated Important in severity. This is the largest number of CVEs addressed in any single month since at least 2017 and is more than double the usual amount of CVEs fixed in January,” Trend Micro's Zero Day Initiative (ZDI) program researchers wrote in an analysis.
The three zero-day vulnerabilities under active exploitation in the wild are tracked as CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335.
These are elevation of privilege (EoP) vulnerabilities in the Windows Hyper-V NT Kernel Integration Virtualization Service Provider (VSP), with a CVSS score of 7.8 (important).
According to Microsoft, successfully exploiting the vulnerability could allow an authenticated user to execute code with SYSTEM privileges.
As usual, the Redmond giant has provided no information about how these flaws are being exploited, the attackers involved, or the scale of the attacks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added these flaws to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to implement fixes by February 4, 2025.
Next, let's look at the five publicly disclosed zero-days that were not exploited by attackers and have been patched in the January 2025 Patch Tuesday cumulative update:
CVE-2025-21186, CVE-2025-21366, and CVE-2025-21395: These three vulnerabilities, each rated 7.8 on the CVSS scale (important), are Remote Code Execution (RCE) flaws in Microsoft Access that are triggered when opening maliciously crafted Access documents.
The company has addressed these vulnerabilities by blocking access to the following extensions:
accdb
accde
accdw
accdt
accda
accdr
accdu
Microsoft credited Unpatched.ai, an AI-assisted vulnerability hunting platform, for finding all three Microsoft Access issues.
The other two publicly disclosed and unexploited zero-da |
Notes |
★★★
|
Sent |
Yes |
Tags |
Vulnerability
Threat
Prediction
Cloud
|