A naukri.com initiative
Qualys
1w
344
Image Credit: Qualys
Microsoft Patch Tuesday, January 2025 Security Update Review
- Microsoft's first Patch Tuesday of 2025 addressed 159 vulnerabilities, including 10 critical and 149 important severity vulnerabilities.
- This month’s updates, Microsoft has addressed eight zero-day vulnerabilities, with three actively exploited in attacks.
- Microsoft did not address any vulnerabilities in Microsoft Edge (Chromium-based) in this month’s updates.
- Some of the software Microsoft has fixed flaws in include .NET, .NET and Visual Studio, Microsoft Windows Search Component, Windows Installer, Windows Kerberos, Windows Kernel Memory, Windows Remote Desktop Services, and Windows Secure Boot.
- The vulnerabilities patched in the update include Spoofing, Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, and Remote Code Execution (RCE).
- Some of the critical severity vulnerabilities include Remote Code Execution in Microsoft Excel and Windows Remote Desktop Services.
- Additionally, Microsoft details exclusive controls for users to implement in the event that remediation or patching cannot be done immediately.
- Users of Qualys can attend upcoming webinars to learn more about the software.
- The next Patch Tuesday update is expected to fall on February 11.
- As always, users are encouraged to stay safe and secure while online.
Read Full Article
20 Likes
For uninterrupted reading, download the app