{"id":350049,"date":"2025-01-16T18:41:28","date_gmt":"2025-01-16T13:11:28","guid":{"rendered":"https:\/\/www.technologyforyou.org\/?p=350049"},"modified":"2025-01-16T18:41:28","modified_gmt":"2025-01-16T13:11:28","slug":"microsoft-patched-a-whopping-157-cves-in-its-inaugural-patch-tuesday-for-2025","status":"publish","type":"post","link":"https:\/\/www.technologyforyou.org\/microsoft-patched-a-whopping-157-cves-in-its-inaugural-patch-tuesday-for-2025\/","title":{"rendered":"Microsoft patched a whopping 157 CVEs in its inaugural Patch Tuesday for 2025"},"content":{"rendered":"<p><span style=\"font-size: 12pt;\"><strong>By Satnam Narang, Sr. Staff Research Engineer, Tenable<\/strong><\/span><\/p>\n<p style=\"font-weight: 400;\">Microsoft patched a whopping 157 CVEs in its inaugural Patch Tuesday for 2025. Not only is this the largest number of CVEs patched in January, it is the largest number of CVEs patched across any Patch Tuesday release since 2017. Microsoft set a record in April 2024, patching 147 CVEs. Since 2017, the average number of CVEs patched in January was 60. Prior to 2025, the largest January Patch Tuesday release was 2023, which saw Microsoft patch 98 CVEs. In 2024, Microsoft opened the year with 48 CVEs patched.<\/p>\n<p>\u201cThis month, there were eight zero-days, including three that were exploited and five that were publicly disclosed ahead of Patch Tuesday.<\/p>\n<p>\u201cThe three zero-day vulnerabilities exploited in the wild (CVE-2025-21333, CVE-2025-21334 and CVE-2025-21335) exist within a component of the Windows Hyper-V\u2019s NT Kernel that manages communication between virtual machines and the host operating system.<\/p>\n<p>\u201cLittle is known about the in-the-wild exploitation of these flaws. As elevation of privilege bugs, they\u2019re being used as part of post-compromise activity, where an attacker has already accessed a target system. 
It\u2019s kind of like if an attacker is able to enter a secure building, they\u2019re unable to access more secure parts of the facility because they have to prove that they have clearance. In this case, they\u2019re able to trick the system into believing they should have clearance.<\/p>\n<p>\u201cMore often than not, we see a lot of elevation of privilege bugs exploited in the wild as zero-days in Patch Tuesday because it\u2019s not always initial access to a system that\u2019s a challenge for attackers as they have various avenues in their pursuit. The greater challenge is being able to obtain more privileged access once they\u2019ve gained initial system access. Patch Tuesday releases from 2023 and 2024 included 45 zero-days exploited in the wild. Elevation of privilege flaws took the crown each year, accounting for 19 in total\u2013or 42%.<\/p>\n<p>\u201cMicrosoft also patched three vulnerabilities in Microsoft Access, identified as CVE-2025-21186, CVE-2025-21366, and CVE-2025-21395. These are remote code execution bugs that are exploitable if an attacker convinces a target to download and run a malicious file through social engineering. What makes these vulnerabilities most interesting is that they were reportedly discovered using AI, as they are credited to a platform called Unpatched.ai. Unpatched.ai was also credited with discovering a flaw in the December 2024 Patch Tuesday release (CVE-2024-49142). Automated vulnerability detection using AI has garnered a lot of attention recently, so it\u2019s noteworthy to see this service being credited with finding bugs in Microsoft products. It may be the first of many in 2025.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Satnam Narang, Sr. Staff Research Engineer, Tenable Microsoft patched a whopping 157 CVEs in its inaugural Patch Tuesday for 2025. Not only is this the largest number of CVEs patched in January, it is the largest number of CVEs patched across any Patch Tuesday release since 2017. 
Microsoft set a record in April 2024, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14083],"tags":[],"class_list":{"0":"post-350049","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-technology-industry-news"},"_links":{"self":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/350049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/comments?post=350049"}],"version-history":[{"count":0,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/350049\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/media?parent=350049"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/categories?post=350049"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/tags?post=350049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}