Microsoft security advisory – January 2025 monthly rollup (AV25–021)

Serial number: AV25-021
Date: January 14, 2024

On January 14, 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

  • .NET – version 8.0
  • .NET – version 9.0
  • Marketplace SaaS
  • Microsoft 365 Apps for Enterprise – multiple versions and platforms
  • Microsoft Access 2016
  • Microsoft Defender for Endpoint
  • Microsoft Edge
  • Microsoft Excel 2016
  • Microsoft/Muzic
  • Microsoft Office – multiple versions and platforms
  • Microsoft Project 2016 – multiple versions and platforms
  • Microsoft Purview
  • Microsoft SharePoint Enterprise Server 2016
  • Microsoft SharePoint Server Subscription Edition
  • Microsoft SharePoint Server 2019
  • Microsoft Update Catalog
  • Microsoft Visual Studio – multiple versions
  • Microsoft Word 2016
  • Office Online Server
  • System Center 2019, 2022 and 2025
  • Windows 10 – multiple versions and platforms
  • Windows 11 – multiple versions and platforms
  • Windows Server – multiple versions and platforms

Microsoft has indicated that CVE-2025-21333, CVE-2025-21334 and CVE-2025-21335 have been exploited.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

This alert was originated From: Canadian Centre for Cyber Security

https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-january-2025-monthly-rollup-av25-021

Leave a Reply

Your email address will not be published. Required fields are marked *