Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
Today is Microsoft’s January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks.
This Patch Tuesday also fixes twelve “Critical” vulnerabilities, including information disclosure, privileges elevation, and remote code execution flaws.
The number of bugs in each vulnerability category is listed below:
- 40 Elevation of Privilege Vulnerabilities
- 14 Security Feature Bypass Vulnerabilities
- 58 Remote Code Execution Vulnerabilities
- 24 Information Disclosure Vulnerabilities
- 20 Denial of Service Vulnerabilities
- 5 Spoofing Vulnerabilities
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5050009 & KB5050021 cumulative updates and the Windows 10 KB5048652 cumulative update.
Three actively exploited zero-day disclosed
This month’s Patch Tuesday fixes three actively exploited and five publicly exposed zero-day vulnerabilities.
Microsoft classifies a zero-day flaw as one that is publicly disclosed or actively exploited while no official fix is available.
The actively exploited zero-day vulnerability in today’s updates are:
CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Microsoft has fixed three elevation of privilege vulnerability in Windows Hyper-V that were exploited in attacks to gain SYSTEM privileges on Windows devices.
No information has been released as to how these flaws were exploited in attacks, and they all show that they were disclosed anonymously.
As the CVEs for these three vulnerabilities are sequential and for the same feature, they were all likely found used or discovered through the same attacks.
The publicly disclosed zero-days are:
CVE-2025-21275 – Windows App Package Installer Elevation of Privilege Vulnerability
Microsoft fixed an elevation of privileges flaw in the Windows App Package Installer that could lead to SYSTEM privileges.
“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” explains Microsoft’s advisory.
The vulnerability was submitted anonymously to Microsoft.
CVE-2025-21308 – Windows Themes Spoofing Vulnerability
Microsoft fixed a Windows Theme vulnerability that could be exploited simply by displaying a specially crafted Theme file in Windows Explorer.
“An attacker would have to convince the user to load a malicious file onto a vulnerable system, typically by way of an enticement in an Email or Instant Messenger message, and then convince the user to manipulate the specially crafted file, but not necessarily click or open the malicious file.,” explains Microsoft’s advisory.
The flaw was discovered by Blaz Satler with 0patch by ACROS Security, which is a bypass of a previous flaw tracked as CVE-2024-38030. 0patch previously released micropatches for this flaw in October, while waiting for Microsoft to fix it.
When a Theme file is viewed in Windows Explorer and utilizes BrandImage and Wallpaper options that specify a network file path, Windows automatically sends authentication requests to the remote host, including the logged-in user’s NTLM credentials.
These NTLM hashes can then be cracked to get the plain-text password or used in pass-the-hash attacks.
Microsoft says the flaw is mitigated if NTLM is disabled or the “Restrict NTLM: Outgoing NTLM traffic to remote servers” policy is enabled.
CVE-2025-21186, CVE-2025-21366, CVE-2025-21395 – Microsoft Access Remote Code Execution Vulnerability
Microsoft fixed three remote code execution vulnerabilities in Microsoft Access that are exploited when opening specially crafted Microsoft Access documents.
Microsoft has mitigated this issue by blocking access to the following Microsoft Access documents if they were sent via email:
- accdb
- accde
- accdw
- accdt
- accda
- accdr
- accdu
What makes this interesting is that Unpatched.ai, an AI-assisted vulnerability discovery platform, has discovered all three flaws.
Recent updates from other companies
Other vendors who released updates or advisories in January 2025 include:
- Adobe released security updates for Photoshop, Substance3D Stager and Designer, Adobe Illustrator for iPad, and Adobe Animate.
- Cisco released security updates for multiple products, including Cisco ThousandEyes Endpoint Agent and Cisco Crosswork Network Controller.
- Ivanti released security updates for a Connect Secure flaw zero-day exploited in attacks to deploy custom malware on devices.
- Fortinet released a security update for an authentication bypass zero-day vulnerability in FortiOS and FortiProxy that was exploited in attacks since November.
- GitHub released security updates for two Git vulnerabilities.
- Moxa released security updates for high-severity and a critical vulnerabilities in its industrial networking and communications networking devices.
- ProjectDiscovery released security updates in September for a Nuclei flaw that allows malicious templates to bypass signature verification.
- SAP releases security updates for multiple products, including fixes for two critical (9.9/10) vulnerabilities in SAP NetWeaver.
- SonicWall releases patches for an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.”
- Zyxel has released security updates to fix an improper privilege management vulnerability in the web management interface.
The January 2025 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the January 2025 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET | CVE-2025-21171 | .NET Remote Code Execution Vulnerability | Important |
| .NET | CVE-2025-21173 | .NET Elevation of Privilege Vulnerability | Important |
| .NET and Visual Studio | CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| .NET, .NET Framework, Visual Studio | CVE-2025-21176 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | Important |
| Active Directory Domain Services | CVE-2025-21293 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important |
| Active Directory Federation Services | CVE-2025-21193 | Active Directory Federation Server Spoofing Vulnerability | Important |
| Azure Marketplace SaaS Resources | CVE-2025-21380 | Azure Marketplace SaaS Resources Information Disclosure Vulnerability | Critical |
| BranchCache | CVE-2025-21296 | BranchCache Remote Code Execution Vulnerability | Critical |
| Internet Explorer | CVE-2025-21326 | Internet Explorer Remote Code Execution Vulnerability | Important |
| IP Helper | CVE-2025-21231 | IP Helper Denial of Service Vulnerability | Important |
| Line Printer Daemon Service (LPD) | CVE-2025-21224 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Important |
| Microsoft AutoUpdate (MAU) | CVE-2025-21360 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important |
| Microsoft Azure Gateway Manager | CVE-2025-21403 | On-Premises Data Gateway Information Disclosure Vulnerability | Important |
| Microsoft Brokering File System | CVE-2025-21315 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
| Microsoft Brokering File System | CVE-2025-21372 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
| Microsoft Digest Authentication | CVE-2025-21294 | Microsoft Digest Authentication Remote Code Execution Vulnerability | Critical |
| Microsoft Graphics Component | CVE-2025-21382 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2025-21346 | Microsoft Office Security Feature Bypass Vulnerability | Important |
| Microsoft Office | CVE-2025-21365 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office Access | CVE-2025-21186 | Microsoft Access Remote Code Execution Vulnerability | Important |
| Microsoft Office Access | CVE-2025-21366 | Microsoft Access Remote Code Execution Vulnerability | Important |
| Microsoft Office Access | CVE-2025-21395 | Microsoft Access Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-21364 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-21362 | Microsoft Excel Remote Code Execution Vulnerability | Critical |
| Microsoft Office Excel | CVE-2025-21354 | Microsoft Excel Remote Code Execution Vulnerability | Critical |
| Microsoft Office OneNote | CVE-2025-21402 | Microsoft Office OneNote Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2025-21357 | Microsoft Outlook Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook for Mac | CVE-2025-21361 | Microsoft Outlook Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-21344 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-21348 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-21393 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office Visio | CVE-2025-21345 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2025-21356 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-21363 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Purview | CVE-2025-21385 | Microsoft Purview Information Disclosure Vulnerability | Critical |
| Microsoft Windows Search Component | CVE-2025-21292 | Windows Search Service Elevation of Privilege Vulnerability | Important |
| Power Automate | CVE-2025-21187 | Microsoft Power Automate Remote Code Execution Vulnerability | Important |
| Reliable Multicast Transport Driver (RMCAST) | CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Critical |
| Visual Studio | CVE-2025-21405 | Visual Studio Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2024-50338 | GitHub: CVE-2024-50338 Malformed URL allows information disclosure through git-credential-manager | Important |
| Visual Studio | CVE-2025-21178 | Visual Studio Remote Code Execution Vulnerability | Important |
| Windows BitLocker | CVE-2025-21213 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2025-21214 | Windows BitLocker Information Disclosure Vulnerability | Important |
| Windows Boot Loader | CVE-2025-21211 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Boot Manager | CVE-2025-21215 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Client-Side Caching (CSC) Service | CVE-2025-21374 | Windows CSC Service Information Disclosure Vulnerability | Important |
| Windows Client-Side Caching (CSC) Service | CVE-2025-21378 | Windows CSC Service Elevation of Privilege Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2025-21271 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows COM | CVE-2025-21281 | Microsoft COM for Windows Elevation of Privilege Vulnerability | Important |
| Windows COM | CVE-2025-21272 | Windows COM Server Information Disclosure Vulnerability | Important |
| Windows COM | CVE-2025-21288 | Windows COM Server Information Disclosure Vulnerability | Important |
| Windows Connected Devices Platform Service | CVE-2025-21207 | Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | Important |
| Windows Cryptographic Services | CVE-2025-21336 | Windows Cryptographic Information Disclosure Vulnerability | Important |
| Windows Digital Media | CVE-2025-21261 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21258 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21232 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21256 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21255 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21226 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21310 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21324 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21249 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21341 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21227 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21260 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21265 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21263 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21228 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21327 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-21229 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Direct Show | CVE-2025-21291 | Windows Direct Show Remote Code Execution Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-21304 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Event Tracing | CVE-2025-21274 | Windows Event Tracing Denial of Service Vulnerability | Important |
| Windows Geolocation Service | CVE-2025-21301 | Windows Geolocation Service Information Disclosure Vulnerability | Important |
| Windows Hello | CVE-2025-21340 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Important |
| Windows Hyper-V NT Kernel Integration VSP | CVE-2025-21335 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V NT Kernel Integration VSP | CVE-2025-21334 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Important |
| Windows Hyper-V NT Kernel Integration VSP | CVE-2025-21333 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2025-21275 | Windows App Package Installer Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2025-21331 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2025-21287 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Kerberos | CVE-2025-21242 | Windows Kerberos Information Disclosure Vulnerability | Important |
| Windows Kerberos | CVE-2025-21299 | Windows Kerberos Security Feature Bypass Vulnerability | Important |
| Windows Kerberos | CVE-2025-21218 | Windows Kerberos Denial of Service Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-21316 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-21318 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-21321 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-21320 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-21317 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-21319 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-21323 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21268 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21269 | Windows HTML Platforms Security Feature Bypass Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21332 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21276 | Windows MapUrlToZone Denial of Service Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21219 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21328 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21329 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-21189 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21251 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21230 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21220 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21270 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21285 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21290 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21289 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Message Queuing | CVE-2025-21277 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows NTLM | CVE-2025-21217 | Windows NTLM Spoofing Vulnerability | Important |
| Windows NTLM | CVE-2025-21311 | Windows NTLM V1 Elevation of Privilege Vulnerability | Critical |
| Windows OLE | CVE-2025-21298 | Windows OLE Remote Code Execution Vulnerability | Critical |
| Windows PrintWorkflowUserSvc | CVE-2025-21235 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-21234 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows Recovery Environment Agent | CVE-2025-21202 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2025-21309 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2025-21297 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2025-21225 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2025-21330 | Windows Remote Desktop Services Denial of Service Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2025-21278 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Important |
| Windows Secure Boot | CVE-2024-7344 | Cert CC: CVE-2024-7344 Howyar Taiwan Secure Boot Bypass | Important |
| Windows Security Account Manager | CVE-2025-21313 | Windows Security Account Manager (SAM) Denial of Service Vulnerability | Important |
| Windows Smart Card | CVE-2025-21312 | Windows Smart Card Reader Information Disclosure Vulnerability | Important |
| Windows SmartScreen | CVE-2025-21314 | Windows SmartScreen Spoofing Vulnerability | Important |
| Windows SPNEGO Extended Negotiation | CVE-2025-21295 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | Critical |
| Windows Telephony Service | CVE-2025-21243 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21244 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21241 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21303 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21246 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21252 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21417 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21248 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21306 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21233 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21411 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21413 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21237 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21239 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21339 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21236 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21245 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21409 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21223 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21282 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21305 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21273 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21266 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21250 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21302 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21240 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21286 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21238 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Themes | CVE-2025-21308 | Windows Themes Spoofing Vulnerability | Important |
| Windows UPnP Device Host | CVE-2025-21300 | Windows upnphost.dll Denial of Service Vulnerability | Important |
| Windows UPnP Device Host | CVE-2025-21389 | Windows upnphost.dll Denial of Service Vulnerability | Important |
| Windows Virtual Trusted Platform Module | CVE-2025-21210 | Windows BitLocker Information Disclosure Vulnerability | Important |
| Windows Virtual Trusted Platform Module | CVE-2025-21284 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Important |
| Windows Virtual Trusted Platform Module | CVE-2025-21280 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Important |
| Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-21370 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Important |
| Windows Web Threat Defense User Service | CVE-2025-21343 | Windows Web Threat Defense User Service Information Disclosure Vulnerability | Important |
| Windows Win32K – GRFX | CVE-2025-21338 | GDI+ Remote Code Execution Vulnerability | Important |
| Windows WLAN Auto Config Service | CVE-2025-21257 | Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Important |
