Patch Tuesday Update – January 2024
2025-1-14 21:37:15 Author: securityboulevard.com(查看原文) 阅读量:14 收藏
2025-1-14 21:37:15 Author: securityboulevard.com(查看原文) 阅读量:14 收藏
| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
| CVE-2025-21411 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21413 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21171 | .NET Remote Code Execution Vulnerability | .NET | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2025-21210 | Windows BitLocker Information Disclosure Vulnerability | Windows Virtual Trusted Platform Module | Important | 4.2 | Information Disclosure | No | No |
| CVE-2025-21214 | Windows BitLocker Information Disclosure Vulnerability | Windows BitLocker | Important | 4.2 | Information Disclosure | No | No |
| CVE-2025-21215 | Secure Boot Security Feature Bypass Vulnerability | Windows Boot Manager | Important | 4.6 | Information Disclosure | No | No |
| CVE-2025-21233 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21234 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Windows PrintWorkflowUserSvc | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21235 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Windows PrintWorkflowUserSvc | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21236 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21237 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21239 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21241 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21242 | Windows Kerberos Information Disclosure Vulnerability | Windows Kerberos | Important | 5.9 | Information Disclosure | No | No |
| CVE-2025-21243 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21244 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21248 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21249 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21251 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21252 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21255 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21257 | Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Windows WLAN Auto Config Service | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21258 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21260 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21263 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21265 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21266 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21268 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21269 | Windows HTML Platforms Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21270 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21271 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21272 | Windows COM Server Information Disclosure Vulnerability | Windows COM | Important | 6.5 | Information Disclosure | No | No |
| CVE-2025-21277 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21280 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Windows Virtual Trusted Platform Module | Important | 5.5 | Denial of Service | No | No |
| CVE-2025-21281 | Microsoft COM for Windows Elevation of Privilege Vulnerability | Windows COM | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21282 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21284 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Windows Virtual Trusted Platform Module | Important | 5.5 | Denial of Service | No | No |
| CVE-2025-21285 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21288 | Windows COM Server Information Disclosure Vulnerability | Windows COM | Important | 6.5 | Information Disclosure | No | No |
| CVE-2025-21289 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21290 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21291 | Windows Direct Show Remote Code Execution Vulnerability | Windows Direct Show | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21293 | Active Directory Domain Services Elevation of Privilege Vulnerability | Active Directory Domain Services | Important | 8.8 | Elevation of Privilege | No | No |
| CVE-2025-21294 | Microsoft Digest Authentication Remote Code Execution Vulnerability | Microsoft Digest Authentication | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21295 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | Windows SPNEGO Extended Negotiation | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21296 | BranchCache Remote Code Execution Vulnerability | BranchCache | Critical | 7.5 | Remote Code Execution | No | No |
| CVE-2025-21297 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Windows Remote Desktop Services | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21298 | Windows OLE Remote Code Execution Vulnerability | Windows OLE | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2025-21299 | Windows Kerberos Security Feature Bypass Vulnerability | Windows Kerberos | Important | 7.1 | Security Feature Bypass | No | No |
| CVE-2025-21301 | Windows Geolocation Service Information Disclosure Vulnerability | Windows Geolocation Service | Important | 6.5 | Information Disclosure | No | No |
| CVE-2025-21302 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21303 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21304 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Windows DWM Core Library | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21306 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21309 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Windows Remote Desktop Services | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21314 | Windows SmartScreen Spoofing Vulnerability | Windows SmartScreen | Important | 6.5 | Spoofing | No | No |
| CVE-2025-21315 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21316 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21318 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21319 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21320 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21321 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21327 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21176 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | .NET, .NET Framework, Visual Studio | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21178 | Visual Studio Remote Code Execution Vulnerability | Visual Studio | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21173 | .NET Elevation of Privilege Vulnerability | .NET | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2025-21341 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21344 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21345 | Microsoft Office Visio Remote Code Execution Vulnerability | Microsoft Office Visio | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21346 | Microsoft Office Security Feature Bypass Vulnerability | Microsoft Office | Important | 7.1 | Security Feature Bypass | No | No |
| CVE-2025-21348 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2025-21354 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Critical | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21356 | Microsoft Office Visio Remote Code Execution Vulnerability | Microsoft Office Visio | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21357 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook | Important | 6.7 | Remote Code Execution | No | No |
| CVE-2025-21362 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Critical | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21363 | Microsoft Word Remote Code Execution Vulnerability | Microsoft Office Word | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21364 | Microsoft Excel Security Feature Bypass Vulnerability | Microsoft Office Excel | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2025-21365 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21366 | Microsoft Access Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7.8 | Remote Code Execution | No | Yes |
| CVE-2025-21382 | Windows Graphics Component Elevation of Privilege Vulnerability | Microsoft Graphics Component | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21219 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21389 | Windows upnphost.dll Denial of Service Vulnerability | Windows UPnP Device Host | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21393 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft Office SharePoint | Important | 6.3 | Spoofing | No | No |
| CVE-2025-21395 | Microsoft Access Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7.8 | Remote Code Execution | No | Yes |
| CVE-2025-21403 | On-Premises Data Gateway Information Disclosure Vulnerability | Microsoft Azure Gateway Manager | Important | 6.4 | Information Disclosure | No | No |
| CVE-2025-21217 | Windows NTLM Spoofing Vulnerability | Windows NTLM | Important | 6.5 | Spoofing | No | No |
| CVE-2025-21405 | Visual Studio Elevation of Privilege Vulnerability | Visual Studio | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2025-21278 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Windows Remote Desktop Services | Important | 6.2 | Denial of Service | No | No |
| CVE-2025-21329 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21328 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21330 | Windows Remote Desktop Services Denial of Service Vulnerability | Windows Remote Desktop Services | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21220 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 7.5 | Information Disclosure | No | No |
| CVE-2025-21335 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Windows Hyper-V NT Kernel Integration VSP | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2025-21193 | Active Directory Federation Server Spoofing Vulnerability | Active Directory Federation Services | Important | 6.5 | Spoofing | No | No |
| CVE-2025-21207 | Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | Windows Connected Devices Platform Service | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21202 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | Windows Recovery Environment Agent | Important | 6.1 | Elevation of Privilege | No | No |
| CVE-2025-21187 | Microsoft Power Automate Remote Code Execution Vulnerability | Power Automate | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21186 | Microsoft Access Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7.8 | Remote Code Execution | No | Yes |
| CVE-2025-21211 | Secure Boot Security Feature Bypass Vulnerability | Windows Boot Loader | Important | 6.8 | Security Feature Bypass | No | No |
| CVE-2025-21213 | Secure Boot Security Feature Bypass Vulnerability | Windows BitLocker | Important | 4.6 | Security Feature Bypass | No | No |
| CVE-2025-21224 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Line Printer Daemon Service (LPD) | Important | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21225 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Windows Remote Desktop Services | Important | 5.9 | Denial of Service | No | No |
| CVE-2025-21226 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21227 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21228 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21229 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21230 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21231 | IP Helper Denial of Service Vulnerability | IP Helper | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21232 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21256 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21261 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21189 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21273 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21274 | Windows Event Tracing Denial of Service Vulnerability | Windows Event Tracing | Important | 5.5 | Denial of Service | No | No |
| CVE-2025-21275 | Windows App Package Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | Yes |
| CVE-2025-21276 | Windows MapUrlToZone Denial of Service Vulnerability | Windows MapUrlToZone | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21286 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21287 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21292 | Windows Search Service Elevation of Privilege Vulnerability | Microsoft Windows Search Component | Important | 8.8 | Elevation of Privilege | No | No |
| CVE-2025-21300 | Windows upnphost.dll Denial of Service Vulnerability | Windows UPnP Device Host | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21305 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Reliable Multicast Transport Driver (RMCAST) | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2025-21308 | Windows Themes Spoofing Vulnerability | Windows Themes | Important | 6.5 | Spoofing | No | Yes |
| CVE-2025-21310 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21312 | Windows Smart Card Reader Information Disclosure Vulnerability | Windows Smart Card | Important | 2.4 | Information Disclosure | No | No |
| CVE-2025-21317 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21323 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability | .NET and Visual Studio | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2025-21324 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21331 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2025-21336 | Windows Cryptographic Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.6 | Information Disclosure | No | No |
| CVE-2025-21338 | GDI+ Remote Code Execution Vulnerability | Windows Win32K – GRFX | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21339 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21340 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Windows Hello | Important | 5.5 | Security Feature Bypass | No | No |
| CVE-2025-21343 | Windows Web Threat Defense User Service Information Disclosure Vulnerability | Windows Web Threat Defense User Service | Important | 7.5 | Information Disclosure | No | No |
| CVE-2025-21360 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Microsoft AutoUpdate (MAU) | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21361 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook for Mac | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21370 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Windows Virtualization-Based Security (VBS) Enclave | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21372 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21374 | Windows CSC Service Information Disclosure Vulnerability | Windows Client-Side Caching (CSC) Service | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21378 | Windows CSC Service Elevation of Privilege Vulnerability | Windows Client-Side Caching (CSC) Service | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21402 | Microsoft Office OneNote Remote Code Execution Vulnerability | Microsoft Office OneNote | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21218 | Windows Kerberos Denial of Service Vulnerability | Windows Kerberos | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21313 | Windows Security Account Manager (SAM) Denial of Service Vulnerability | Windows Security Account Manager | Important | 6.5 | Denial of Service | No | No |
| CVE-2025-21332 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21326 | Internet Explorer Remote Code Execution Vulnerability | Internet Explorer | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21311 | Windows NTLM V1 Elevation of Privilege Vulnerability | Windows NTLM | Critical | 9.8 | Elevation of Privilege | No | No |
| CVE-2025-21333 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Windows Hyper-V NT Kernel Integration VSP | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2025-21334 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Windows Hyper-V NT Kernel Integration VSP | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2025-21246 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21417 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21250 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21240 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21238 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21223 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21409 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21245 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
文章来源: https://securityboulevard.com/2025/01/patch-tuesday-update-january-2024-2/
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh