Microsoft has released its January 2025 Patch Tuesday security updates to address multiple vulnerabilities across its products, including three that have been detected as exploited in the wild (CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335).

Based on the official Microsoft release notes, there are 159 CVEs affecting Microsoft products, 12 of which are classified as ‘Critical,’ while the rest are classified as ‘Important.’

_____________________________

A. List of the Vulnerabilities

Kindly check the link below for the lists of Microsoft CVEs and non-Microsoft CVEs.

• https://msrc.microsoft.com/update-guide/releaseNote/2025-Jan

_____________________________

B. Actions to be Taken

CERT-PH recommends the following actions be taken:

• Kindly review and apply the necessary updates to mitigate future threats.
• For additional information, kindly refer to the official report
  • https://msrc.microsoft.com/update-guide/releaseNote/2025-Jan
  • https://msrc.microsoft.com/update-guide/vulnerability