Microsoft’s January Security Update of High-Risk Vulnerabilities in Multiple Products

January 16, 2025 | NSFOCUS

Overview

On January 14, NSFOCUS CERT detected that Microsoft released its January security update, which fixes 159 security issues in widely used products such as Windows, Microsoft Office, Microsoft Visual Studio, Azure, Microsoft Dynamics, and Microsoft Edge. The fixes cover high-risk vulnerability types such as privilege escalation and remote code execution.

Of the vulnerabilities fixed in Microsoft’s update this month, 12 are rated Critical, 147 are rated Important, and 3 have been detected as exploited in the wild:

Windows Hyper-V NT Kernel Integration VSP Privilege Escalation Vulnerability (CVE-2025-21333/CVE-2025-21334/CVE-2025-21335)

Please apply the patches as soon as possible. For the complete list of vulnerabilities, see the appendix.

Reference link: https://msrc.microsoft.com/update-guide/en-us/releaseNote/2025-Jan

Key Vulnerabilities

Windows Hyper-V NT Kernel Integration VSP Privilege Escalation Vulnerability (CVE-2025-21333/CVE-2025-21334/CVE-2025-21335):

A privilege escalation vulnerability exists in Windows Hyper-V NT Kernel Integration VSP. An authenticated local attacker can trigger a heap buffer overflow caused by boundary errors in the component and thereby gain SYSTEM privileges on the system. The vulnerability has been exploited and has a CVSS score of 7.8.

Official Announcement Link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21333

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21334

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21335

Windows OLE Remote Code Execution Vulnerability (CVE-2025-21298):

Windows OLE has a remote code execution vulnerability. An unauthenticated attacker can send a specially crafted email to an affected system that uses Outlook and execute code remotely without user interaction. The CVSS score is 9.8.

Official Announcement Link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21298

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability (CVE-2025-21307):

The Windows Reliable Multicast Transport Driver (RMCAST) has a remote code execution vulnerability. An unauthenticated attacker can send specially crafted packets to an open Windows Pragmatic General Multicast (PGM) socket on the server and execute code remotely on the target system. The CVSS score is 9.8.

Official Announcement Link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21307

Windows NTLM V1 privilege escalation vulnerability (CVE-2025-21311):

Windows NTLM V1 has a privilege escalation vulnerability. Because the authentication algorithm in Windows NTLM V1 is implemented incorrectly, an unauthenticated attacker can exploit it over the network with low attack complexity and elevate privileges on the target system. The CVSS score is 9.8.

Official Announcement Link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21311

Microsoft Excel Remote Code Execution Vulnerability (CVE-2025-21354/CVE-2025-21362):

Microsoft Excel has remote code execution vulnerabilities. Because of an invalid pointer dereference and a use-after-free in Excel, an attacker can use social engineering to induce a victim to download and open an Excel file and thereby execute arbitrary code. The CVSS score is 7.8.

Official Announcement Link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21354

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21362

Windows Remote Desktop Service remote code execution vulnerability (CVE-2025-21297):

The Windows Remote Desktop Service has a remote code execution vulnerability. Because sensitive data in the Windows Remote Desktop Service is stored in improperly locked memory, an unauthenticated attacker can connect to a system with the Remote Desktop Gateway role and send specially crafted requests to win a race condition, thereby executing arbitrary code on the target system. The CVSS score is 8.1.

Official Announcement Link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21297

BranchCache Remote Code Execution Vulnerability (CVE-2025-21296):

BranchCache has a remote code execution vulnerability. Because of a use-after-free error in BranchCache, an unauthenticated attacker on the local network can send specially crafted requests to win a race condition and execute arbitrary code on the target system. The CVSS score is 7.5.

Official Announcement Link:

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21296

Scope of Impact

The following lists the affected product versions for the key vulnerabilities. For the products affected by the other vulnerabilities, please refer to the official announcement link:

Vulnerability No. | Affected product versions
CVE-2025-21333
CVE-2025-21334
CVE-2025-21335
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows Server 2025 (Server Core installation)
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
CVE-2025-21298
CVE-2025-21307
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows Server 2025 (Server Core installation)
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2025-21311
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows Server 2025 (Server Core installation)
CVE-2025-21354
Microsoft Office LTSC for Mac 2024
Microsoft Office LTSC 2024 for 64-bit editions
Microsoft Office LTSC 2024 for 32-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for 32-bit editions
Office Online Server
CVE-2025-21362
Microsoft Excel 2016 (64-bit edition)
Microsoft Excel 2016 (32-bit edition)
Microsoft Office LTSC for Mac 2024
Microsoft Office LTSC 2024 for 64-bit editions
Microsoft Office LTSC 2024 for 32-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for 32-bit editions
Office Online Server
CVE-2025-21297
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server 2025
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows Server 2025 (Server Core installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
CVE-2025-21296
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows Server 2025 (Server Core installation)
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems

Mitigation

At present, Microsoft has officially released security patches to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install patches as soon as possible for protection.

Download link of the official website: https://msrc.microsoft.com/update-guide/en-us/releaseNote/2025-Jan

Note: Patches delivered through Windows Update may fail to install because of network problems, system environment issues, or other reasons. After installing a patch, users should promptly verify that it was applied successfully.

For updates that have not been successfully installed, you can click the name of the update to visit Microsoft’s official download page. It is recommended that users click on the link on this page to go to the “Microsoft Update Catalog” website to download and install the standalone package.
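One way to carry out the post-install check described above on a Windows host, as an added example that is not part of the NSFOCUS advisory or Microsoft's tooling. The function name Test-SecurityUpdate is hypothetical and KB0000000 is a placeholder: take the real KB identifier for each OS build from the MSRC release note linked above. The default date is the January 14 release date stated in this advisory.

```powershell
# Added example, not from the advisory. 'KB0000000' is a placeholder KB identifier.
function Test-SecurityUpdate {
    [CmdletBinding()]
    param(
        # KB identifiers expected on this host (from the MSRC release note for its OS build).
        [Parameter(Mandatory)]
        [string[]] $KbId,

        # Only report Windows Update failures logged on or after this date.
        [datetime] $Since = [datetime]'2025-01-14'
    )

    # Updates the OS reports as installed (backed by Win32_QuickFixEngineering).
    $installed = @(Get-HotFix)

    # One result row per expected KB.
    $status = @(foreach ($kb in $KbId) {
        $hit = $installed | Where-Object { $_.HotFixID -eq $kb } | Select-Object -First 1
        [pscustomobject]@{
            ComputerName = $env:COMPUTERNAME
            KbId         = $kb
            Installed    = [bool]$hit
            InstalledOn  = if ($hit) { $hit.InstalledOn } else { $null }
        }
    })

    # Windows Update client "Installation Failure" events (ID 20, System log).
    # Get-WinEvent raises an error when nothing matches, hence SilentlyContinue.
    $filter = @{
        LogName      = 'System'
        ProviderName = 'Microsoft-Windows-WindowsUpdateClient'
        Id           = 20
        StartTime    = $Since
    }
    $failures = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Message)

    [pscustomobject]@{
        Updates         = $status
        InstallFailures = $failures
        # True only when every expected KB is present.
        AllInstalled    = -not ($status.Installed -contains $false)
    }
}

# Usage with the placeholder KB; replace it before relying on the result.
$result = Test-SecurityUpdate -KbId 'KB0000000'
$result.Updates | Format-Table -AutoSize
$result.InstallFailures | Format-List
```

A later cumulative update supersedes an earlier one, so a missing KB on a host that already has a newer cumulative update installed does not by itself indicate a gap.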

Appendix: Vulnerability List

| Affected products | CVE No. | Vulnerability | Severity |
| --- | --- | --- | --- |
| Windows | CVE-2025-21294 | Microsoft Digest Authentication Remote Code Execution Vulnerability | Critical |
| Windows | CVE-2025-21295 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Vulnerability | Critical |
| Windows | CVE-2025-21296 | BranchCache remote code execution vulnerability | Critical |
| Windows | CVE-2025-21297 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows | CVE-2025-21298 | Windows OLE remote code execution vulnerability | Critical |
| Windows | CVE-2025-21309 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows | CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) remote code execution vulnerability | Critical |
| Azure | CVE-2025-21380 | Azure Marketplace SaaS Resources Information Disclosure Vulnerability | Critical |
| Microsoft Office | CVE-2025-21385 | Microsoft Purview Disclosure Vulnerability | Critical |
| Windows | CVE-2025-21311 | Windows NTLM V1 privilege escalation vulnerability | Critical |
| Microsoft Office | CVE-2025-21362 | Microsoft Excel remote code execution vulnerability | Critical |
| Microsoft Office | CVE-2025-21354 | Microsoft Excel remote code execution vulnerability | Critical |
| Windows | CVE-2025-21411 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21413 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Microsoft Visual Studio, .NET 9.0 installed on Mac OS, .NET 9.0 installed on Linux, .NET 9.0 installed on Windows | CVE-2025-21171 | .NET remote code execution vulnerability | Important |
| Windows | CVE-2025-21210 | Windows BitLocker Disclosure Vulnerability | Important |
| Windows | CVE-2025-21214 | Windows BitLocker Disclosure Vulnerability | Important |
| Windows | CVE-2025-21215 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2025-21233 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21234 | Windows PrintWorkflowUserSvc privilege escalation vulnerability | Important |
| Windows | CVE-2025-21235 | Windows PrintWorkflowUserSvc privilege escalation vulnerability | Important |
| Windows | CVE-2025-21236 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21237 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21239 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21241 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21242 | Windows Kerberos Disclosure Vulnerability | Important |
| Windows | CVE-2025-21243 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21244 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21248 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21249 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21251 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21252 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21255 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21257 | Information disclosure vulnerability of Windows WLAN AutoConfig Service | Important |
| Windows | CVE-2025-21258 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21260 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21263 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21265 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21266 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21268 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21269 | Windows HTML Platforms Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21270 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21271 | Windows Cloud Files Mini Filter Driver Escalation Vulnerability | Important |
| Windows | CVE-2025-21272 | Windows COM Server Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21277 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21280 | Windows Virtual Trusted Platform Module Denial of Service | Important |
| Windows | CVE-2025-21281 | Microsoft COM for Windows privilege escalation vulnerability | Important |
| Windows | CVE-2025-21282 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21284 | Windows Virtual Trusted Platform Module Denial of Service | Important |
| Windows | CVE-2025-21285 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21288 | Windows COM Server Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21289 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21290 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21291 | Windows Direct Show Remote Code Execution Vulnerability | Important |
| Windows | CVE-2025-21293 | Active Directory Domain Services Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21299 | Windows Kerberos Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21301 | Windows Geolocation Service Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21302 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21303 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21304 | Microsoft DWM Core Library Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21306 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21314 | Windows SmartScreen Spoofing Vulnerability | Important |
| Windows | CVE-2025-21315 | Microsoft Brokering File System Escalation Vulnerability | Important |
| Windows | CVE-2025-21316 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21318 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21319 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21320 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21321 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21327 | Windows Digital Media Permission Escalation Vulnerability | Important |
| .NET 8.0 installed on Linux, .NET 9.0 installed on Mac OS, Microsoft Visual Studio, Microsoft .NET Framework, .NET 9.0 installed on Linux, .NET 9.0 installed on Windows, .NET 8.0 installed on Mac OS, .NET 8.0 installed on Windows | CVE-2025-21176 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerabilities | Important |
| Microsoft Visual Studio | CVE-2025-21178 | Visual Studio Remote Code Execution Vulnerability | Important |
| Microsoft Visual Studio, .NET 8.0 installed on Linux, .NET 9.0 installed on Linux | CVE-2025-21173 | .NET privilege escalation vulnerability | Important |
| Windows | CVE-2025-21341 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Microsoft Office | CVE-2025-21344 | Microsoft SharePoint Server remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21345 | Microsoft Office Visio remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21346 | Microsoft Office Security Features Bypass Vulnerabilities | Important |
| Microsoft Office | CVE-2025-21348 | Microsoft SharePoint Server remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21356 | Microsoft Office Visio remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21357 | Microsoft Outlook remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21363 | Microsoft Word remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21364 | Microsoft Excel security features bypass vulnerabilities | Important |
| Microsoft Office | CVE-2025-21365 | Microsoft Office remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21366 | Microsoft Access remote code execution vulnerability | Important |
| Windows | CVE-2025-21382 | Windows Graphics Component Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21219 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21389 | Windows upnphost.dll denial of service vulnerability | Important |
| Microsoft Office | CVE-2025-21393 | Microsoft SharePoint Server Spoofing | Important |
| Microsoft Office | CVE-2025-21395 | Microsoft Access remote code execution vulnerability | Important |
| Azure | CVE-2025-21403 | On-Premises Data Gateway Disclosure Vulnerability | Important |
| Windows | CVE-2025-21217 | Windows NTLM spoofing vulnerability | Important |
| Microsoft Visual Studio | CVE-2025-21405 | Visual Studio permission escalation vulnerability | Important |
| Windows | CVE-2025-21278 | Windows Remote Desktop Gateway (RD Gateway) denial-of-service vulnerability | Important |
| Windows | CVE-2025-21329 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21328 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21330 | Windows Remote Desktop Services Vulnerability | Important |
| Windows | CVE-2025-21220 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21335 | Windows Hyper-V NT Kernel Integration VSP Privilege Escalation | Important |
| Windows | CVE-2025-21193 | Active Directory Federation Server Spoofing Vulnerability | Important |
| Windows | CVE-2025-21207 | Windows Connected Devices Platform Service (Cdpsvc) Vulnerability | Important |
| Windows | CVE-2025-21202 | Windows Recovery Environment Agent Privilege Escalation Vulnerability | Important |
| Microsoft Dynamics | CVE-2025-21187 | Microsoft Power Automate remote code execution vulnerability | Important |
| Microsoft Office | CVE-2025-21186 | Microsoft Access remote code execution vulnerability | Important |
| Windows | CVE-2025-21211 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2025-21213 | Secure Boot security function bypasses vulnerabilities | Important |
| Windows | CVE-2025-21224 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Important |
| Windows | CVE-2025-21225 | Windows Remote Desktop Gateway (RD Gateway) denial-of-service vulnerability | Important |
| Windows | CVE-2025-21226 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21227 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21228 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21229 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21230 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21231 | IP Helper Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21232 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21256 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21261 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21189 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21273 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21274 | Windows Event Tracing Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21275 | Windows App Package Installer Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21276 | Windows MapUrlToZone Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21286 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21287 | Windows Installer privilege escalation vulnerability | Important |
| Windows | CVE-2025-21292 | Windows Search Service Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21300 | Windows upnphost.dll denial of service vulnerability | Important |
| Windows | CVE-2025-21305 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21308 | Windows Themes Spoofing Vulnerability | Important |
| Windows | CVE-2025-21310 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21312 | Windows Smart Card Reader Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21317 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21323 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| .NET 8.0 installed on Linux, .NET 9.0 installed on Mac OS, Microsoft Visual Studio, .NET 9.0 installed on Linux, .NET 9.0 installed on Windows, .NET 8.0 installed on Mac OS, .NET 8.0 installed on Windows | CVE-2025-21172 | .NET and Visual Studio remote code execution vulnerabilities | Important |
| Windows | CVE-2025-21324 | Windows Digital Media Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21331 | Windows Installer privilege escalation vulnerability | Important |
| Windows | CVE-2025-21336 | Windows Cryptographic Disclosure Vulnerability | Important |
| Windows, Microsoft Office | CVE-2025-21338 | GDI+ remote code execution vulnerability | Important |
| Windows | CVE-2025-21339 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21340 | Windows Virtualization-Based Security (VBS) Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21343 | Windows Web Threat Defense User Service Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2025-21360 | Microsoft AutoUpdate (MAU) privilege escalation vulnerability | Important |
| Microsoft Office | CVE-2025-21361 | Microsoft Outlook remote code execution vulnerability | Important |
| Windows | CVE-2025-21370 | Windows Virtualization-Based Security (VBS) Enclave Permission Escalation Vulnerability | Important |
| Windows | CVE-2025-21372 | Microsoft Brokering File System Escalation Vulnerability | Important |
| Windows | CVE-2025-21374 | Windows CSC Service Information Disclosure Vulnerability | Important |
| Windows | CVE-2025-21378 | Windows CSC Service privilege escalation vulnerability | Important |
| Microsoft Office | CVE-2025-21402 | Microsoft Office OneNote remote code execution vulnerability | Important |
| Windows | CVE-2025-21218 | Windows Kerberos Denial of Service | Important |
| Windows | CVE-2025-21313 | Windows Security Account Manager (SAM) Denial of Service Vulnerability | Important |
| Windows | CVE-2025-21332 | MapUrlToZone Security Features Bypass Vulnerabilities | Important |
| Windows | CVE-2025-21326 | Internet Explorer remote code execution vulnerability | Important |
| Windows | CVE-2025-21333 | Windows Hyper-V NT Kernel Integration VSP Privilege Escalation | Important |
| Windows | CVE-2025-21334 | Windows Hyper-V NT Kernel Integration VSP Privilege Escalation | Important |
| Windows | CVE-2025-21246 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21417 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21250 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21240 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21238 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21223 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21409 | Remote code execution vulnerability of Windows Telephony Service | Important |
| Windows | CVE-2025-21245 | Remote code execution vulnerability of Windows Telephony Service | Important |

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS, a pioneering leader in cybersecurity, is dedicated to safeguarding telecommunications, Internet service providers, hosting providers, and enterprises from sophisticated cyberattacks.

Founded in 2000, NSFOCUS operates globally with over 4000 employees at two headquarters in Beijing, China, and Santa Clara, CA, USA, and over 50 offices worldwide. It has a proven track record of protecting over 25% of the Fortune Global 500 companies, including four of the five largest banks and six of the world’s top ten telecommunications companies.

Leveraging technical prowess and innovation, NSFOCUS delivers a comprehensive suite of security solutions, including the Intelligent Security Operations Platform (ISOP) for modern SOC, DDoS Protection, Continuous Threat Exposure Management (CTEM) Service and Web Application and API Protection (WAAP). All the solutions and services are augmented by the Security Large Language Model (SecLLM), ML, patented algorithms and other cutting-edge research achievements developed by NSFOCUS.