🐈 Yanvar oyi uchun Microsoft Patch Tuesday e'lon qilindi, unda 170 ta CVE aniqlangan.
🔻 EoP - Windows Hyper-V NT Kernel Integration VSP (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335).
🔸 Security Feature Bypass - Microsoft Update Catalog (CVE-2024-49147), MapUrlToZone (CVE-2025-21268, CVE-2025-21189)
🔸 EoP - Windows Installer (CVE-2025-21287)
🔸 Auth. Bypass - Azure (CVE-2025-21380)
🔹 RCE - Windows OLE (CVE-2025-21298), Windows RMCAST (CVE-2025-21307), Microsoft Office (CVE-2025-21365), Windows Remote Desktop Services (CVE-2025-21297, CVE-2025-21309), NEGOEX (CVE-2025-21295)
🔹 EoP - Windows NTLM V1 (CVE-2025-21311), Windows Search Service (CVE-2025-21292), Windows App Package Installer (CVE-2025-21275)
🔹 Spoofing - Windows Themes (CVE-2025-21308)
https://msrc.microsoft.com/update-guide/
🔻 EoP - Windows Hyper-V NT Kernel Integration VSP (CVE-2025-21333, CVE-2025-21334, CVE-2025-21335).
🔸 Security Feature Bypass - Microsoft Update Catalog (CVE-2024-49147), MapUrlToZone (CVE-2025-21268, CVE-2025-21189)
🔸 EoP - Windows Installer (CVE-2025-21287)
🔸 Auth. Bypass - Azure (CVE-2025-21380)
🔹 RCE - Windows OLE (CVE-2025-21298), Windows RMCAST (CVE-2025-21307), Microsoft Office (CVE-2025-21365), Windows Remote Desktop Services (CVE-2025-21297, CVE-2025-21309), NEGOEX (CVE-2025-21295)
🔹 EoP - Windows NTLM V1 (CVE-2025-21311), Windows Search Service (CVE-2025-21292), Windows App Package Installer (CVE-2025-21275)
🔹 Spoofing - Windows Themes (CVE-2025-21308)
https://msrc.microsoft.com/update-guide/