Arctic Wolf Security Bulletin

Microsoft Patch Tuesday: January 2025

On 14 January 2025, Microsoft released its January 2025 security update, addressing 159 newly disclosed vulnerabilities. Arctic Wolf has highlighted six vulnerabilities in this security bulletin that affect Microsoft Windows and are classified as critical or have been exploited in the wild.

Vulnerabilities

| Vulnerability | CVSS | Description | Exploited? |
| --- | --- | --- | --- |
| CVE-2025-21298 | 9.8 | Windows Object Linking and Embedding (OLE) Remote Code Execution (RCE) Vulnerability – A remote threat actor could exploit the vulnerability by sending a specially crafted email to a target victim. Exploitation occurs if the victim opens the email in an affected version of Microsoft Outlook or if the victim’s Outlook application displays a preview of the email, allowing the threat actor to achieve RCE on the victim’s machine. | No |
| CVE-2025-21307 | 9.8 | Windows Reliable Multicast Transport Driver (RMCAST) RCE Vulnerability – A remote, unauthenticated threat actor could achieve RCE by sending specially crafted packets to a Windows Pragmatic General Multicast (PGM) socket on the server, without any user interaction, provided a program is listening on a PGM port. | No |
| CVE-2025-21311 | 9.8 | Windows NTLM V1 Elevation of Privilege Vulnerability – A remote threat actor can exploit this vulnerability in NT LAN Manager (NTLM) V1 to elevate privileges. The attack complexity is low, as the threat actor does not need significant prior knowledge of the system and can consistently achieve success with the payload against the vulnerable component. | No |
| CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 7.8 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability – A local threat actor can exploit one of these vulnerabilities to gain SYSTEM privileges. These three vulnerabilities describe the same Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability, with separate CVEs assigned. | Yes |

Recommendation

Upgrade to the Latest Fixed Versions

Arctic Wolf strongly recommends that customers upgrade to the latest fixed versions.

| Affected Product | Vulnerability | Update Article |
| --- | --- | --- |
| Windows 10 for 32-bit and x64-based Systems | CVE-2025-21298, CVE-2025-21307 | 5050013 |
| Windows 10 Version 1607 for 32-bit and x64-based Systems | CVE-2025-21298, CVE-2025-21307 | 5049993 |
| Windows 10 Version 1809 for 32-bit Systems and x64-based Systems | CVE-2025-21298, CVE-2025-21307 | 5050008 |
| Windows 10 Version 21H2 for 32-bit and ARM64-based Systems | CVE-2025-21298, CVE-2025-21307 | 5049981 |
| Windows 10 Version 21H2 for x64-based Systems | CVE-2025-21298, CVE-2025-21307, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 5049981 |
| Windows 10 Version 22H2 for 32-bit and ARM64-based Systems | CVE-2025-21298, CVE-2025-21307 | 5049981 |
| Windows 10 Version 22H2 for x64-based Systems | CVE-2025-21298, CVE-2025-21307, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 5049981 |
| Windows 11 Version 22H2 for ARM64-based and x64-based Systems | CVE-2025-21298, CVE-2025-21307, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 5050021 |
| Windows 11 Version 23H2 for ARM64-based and x64-based Systems | CVE-2025-21298, CVE-2025-21307, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 5050021 |
| Windows 11 Version 24H2 for ARM64-based and x64-based Systems | CVE-2025-21298, CVE-2025-21307, CVE-2025-21311, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 5050009 |
| Windows Server 2008 for 32-bit and x64-based Systems Service Pack 2 | CVE-2025-21298, CVE-2025-21307 | 5050063, 5050061 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | CVE-2025-21298, CVE-2025-21307 | 5050049, 5050006 |
| Windows Server 2012 | CVE-2025-21298, CVE-2025-21307 | 5050004 |
| Windows Server 2012 R2 | CVE-2025-21298, CVE-2025-21307 | 5050048 |
| Windows Server 2016 | CVE-2025-21298, CVE-2025-21307 | 5049993 |
| Windows Server 2019 | CVE-2025-21298, CVE-2025-21307 | 5050008 |
| Windows Server 2022 | CVE-2025-21298, CVE-2025-21307 | 5049983 |
| Windows Server 2022, 23H2 Edition | CVE-2025-21298, CVE-2025-21307, CVE-2025-21311, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 5049984 |
| Windows Server 2025 | CVE-2025-21298, CVE-2025-21307, CVE-2025-21311, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 | 5050009 |

Please follow your organization’s patching and testing guidelines to minimize potential operational impact.
