Microsoft Addresses 159 Vulnerabilities in Latest Patch Tuesday Update

Microsoft has released its first security update of 2025, addressing a total of 159 vulnerabilities across its products, including .NET, Visual Studio, Microsoft Excel, Windows components, and Azure services. The update prioritizes critical and high-severity flaws in various systems, impacting Windows Telephony Services, Active Directory Domain Services, and other key Microsoft services.

Among the top vulnerabilities is one related to Windows Object Linking and Embedding (OLE), which allows for remote code execution. Microsoft has not seen this vulnerability being exploited in the wild but believes malicious actors could use it to send specially crafted emails that run remote code on a victim’s computer.

Another remote code execution flaw affects Windows Reliable Multicast Transport Driver (RMCAST), which requires specific network conditions to be exploited. However, if these conditions are met, an unauthenticated attacker can potentially send specially crafted packets to an open PGM socket on a Windows server, allowing them to run code without user interaction.

Microsoft also addressed three privilege escalation vulnerabilities in Windows NT LAN Manager, which could allow attackers to access compromised machines remotely over the internet and with minimal technical expertise. The company recommends setting LmCompatibilityLevel, the LAN Manager compatibility setting, to its maximum value (5) on all machines to prevent exploitation.
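One way to check the LmCompatibilityLevel recommendation on a single machine is the PowerShell script below. It is an added example, not code from Microsoft or from the source article; it reads the value from the standard LSA registry key, and the `-Enforce` switch is a hypothetical name chosen for this example.

```powershell
# Added example: audit (and optionally enforce) LmCompatibilityLevel locally.
param([switch]$Enforce)   # hypothetical switch: write the value 5 when present

$LsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$ValueName = 'LmCompatibilityLevel'
$Required  = 5            # maximum value, as recommended in the text above

# Meaning of each level, per the "LAN Manager authentication level" policy.
$Levels = @{
    0 = 'Send LM & NTLM responses'
    1 = 'Send LM & NTLM - use NTLMv2 session security if negotiated'
    2 = 'Send NTLM response only'
    3 = 'Send NTLMv2 response only'
    4 = 'Send NTLMv2 response only. Refuse LM'
    5 = 'Send NTLMv2 response only. Refuse LM & NTLM'
}

function Get-LmCompatibilityLevel {
    # Returns $null when the value is absent (the OS default then applies).
    $prop = Get-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return [int]$prop.$ValueName
}

$before = Get-LmCompatibilityLevel
if ($Enforce -and $before -ne $Required) {
    # Writing under HKLM requires an elevated session.
    New-ItemProperty -Path $LsaKey -Name $ValueName -Value $Required `
        -PropertyType DWord -Force | Out-Null
}
$after = Get-LmCompatibilityLevel

# One result object per machine, suitable for piping to Export-Csv.
[pscustomobject]@{
    ComputerName = $env:COMPUTERNAME
    Level        = if ($null -eq $after) { 'not set (OS default applies)' } else { $after }
    Meaning      = if ($null -eq $after) { 'n/a' } else { $Levels[$after] }
    Compliant    = ($after -eq $Required)
    Changed      = ($before -ne $after)
}
```

A domain Group Policy setting ("Network security: LAN Manager authentication level") writes the same registry value and will overwrite a local change. At level 5 a machine refuses LM and NTLM responses and accepts only NTLMv2, so check for legacy clients before enforcing it.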

Additionally, Microsoft Excel was vulnerable to remote code execution through three separate use-after-free vulnerabilities (CVE-2025-21354, CVE-2025-21362, and CVE-2025-21364). These flaws can be exploited even when just viewing an Excel file in the Preview Pane, allowing attackers to run harmful code on a computer. Microsoft warns that these vulnerabilities are more likely to be exploited in the wild, making patching them essential for companies using Excel.

Source: https://cyberscoop.com/microsoft-patch-tuesday-january-2025