JPCERT-AT-2025-0002 JPCERT/CC 2025-01-15 <<< JPCERT/CC Alert 2025-01-15 >>> Microsoft Releases January 2025 Security Updates https://www.jpcert.or.jp/english/at/2025/at250002.html I. Overview Microsoft has released January 2025 Security Updates to address the vulnerabilities in their products. Remote attackers leveraging these vulnerabilities may be able to execute arbitrary code. Microsoft Corporation January 2025 Security Updates https://msrc.microsoft.com/update-guide/en-us/releaseNote/2025-Jan According to Microsoft, among the vulnerabilities, the following vulnerabilities have been confirmed to be exploited in the wild. Please consider applying the security update programs by referring to the information provided by Microsoft. CVE-2025-21333 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21333 CVE-2025-21334 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21334 CVE-2025-21335 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21335 II. Solution Please apply the security update programs through Microsoft Update, Windows Update, etc. Microsoft Update Catalog https://www.catalog.update.microsoft.com/ Windows Update: FAQ https://support.microsoft.com/en-us/help/12373/windows-update-faq III. References Microsoft Corporation Release Notes https://msrc.microsoft.com/update-guide/ If you have any information regarding this alert, please contact JPCERT/CC. ====================================================================== JPCERT Coordination Center (Early Warning Group) MAIL: ew-info@jpcert.or.jp https://www.jpcert.or.jp/english/