Security News > 2025 > January > Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
2025-01-14 20:57
Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively exploited. The exploited Hyper-V vulnerabilities The exploited zero-days are CVE-2025-21333 (a buffer overflow bug), CVE-2025-21334 and CVE-2025-21335 (use after free flaws), and they all allow attackers to elevated their privilege to SYSTEM on compromised Windows and Windows Server machines. They affect a component of … More → The post Microsoft fixes actively exploited Windows Hyper-V zero-day flaws appeared first on Help Net Security.
News URL
Related news
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Microsoft confirms game audio issues on Windows 11 24H2 PCs (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs (source)
- Microsoft testing Windows 11 support for third-party passkeys (source)
- Microsoft asks Windows Insiders to try out the controversial Recall feature (source)
- Microsoft blocks Windows 11 24H2 on some PCs with USB scanners (source)
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2025-21335 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | 7.8 |
| 2025-01-14 | CVE-2025-21334 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | 7.8 |
| 2025-01-14 | CVE-2025-21333 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | 7.8 |