Today’s VERT Alert addresses Microsoft’s January 2025 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1139 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2025-21333 The first of three Hyper-V vulnerabilities this month is a heap-based buffer overflow that leads to privilege escalation to SYSTEM. Microsoft has reported this vulnerability as Exploitation Detected. CVE-2025-21334 The second of three Hyper-V vulnerabilities this month is a use-after-free vulnerability that leads to privilege escalation to SYSTEM…
No tags for this post.
VERT Threat Alert: January 2025 Patch Tuesday Analysis
Recent Posts
- CVE-2024-13434 – “WordPress WP Inventory Manager Reflected Cross-Site Scripting Vulnerability”
- CVE-2024-13401 – “PayPal WordPress Stored Cross-Site Scripting Vulnerability”
- CVE-2024-13398 – PayPal Checkout for WordPress Stored Cross-Site Scripting
- CVE-2024-51462 – IBM QRadar WinCollect Agent XML Injection Vulnerability
- CVE-2024-52363 – IBM InfoSphere Information Server Directory Traversal Vulnerability