PortalFuse Weekly Security Update Report (Windows And Edge Edition) – January 14, 2025 The PortalFuse Microsoft Intune And Security Report podcast

The PortalFuse Microsoft Intune and Security Report Podcast « »

PortalFuse Weekly Security Update Report (Windows and Edge Edition) – January 14, 2025

8M ago 24:29

שתפו

תוכן מסופק על ידי Kevin Kaminski. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Kevin Kaminski או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

The January 2025 security updates address several critical vulnerabilities, categorized as follows:

Elevation of Privilege Vulnerabilities:
- CVE-2025-21378 (Windows CSC Service): Heap-based buffer overflow granting SYSTEM privileges.
- CVE-2025-21335 (Windows Hyper-V NT Kernel): Use-after-free condition affecting Hyper-V integration, compromising guest and host environments.
- CVE-2025-21265 & CVE-2025-21310 (Windows Digital Media): Vulnerabilities triggered by physical access and malicious USB drives, escalating privileges.
- CVE-2025-21275 (Windows App Package Installer): Allows bypassing restrictions to gain elevated privileges.
Other vulnerabilities include issues in the Microsoft Brokering File System and Windows Virtualization-Based Security.
Remote Code Execution (RCE) Vulnerabilities:
- CVE-2025-21298 (Windows OLE): Exploitable through crafted emails or documents to run arbitrary code.
- CVE-2025-21296 (BranchCache): Malicious code execution in local network setups.
- CVE-2025-21291 (Windows Direct Show): Exploits malformed media files to trigger RCE.
- CVE-2025-21289 (Windows Shell): Allows code execution through malicious scripts.
Additional RCE vulnerabilities could lead to significant damage if left unpatched.
Information Disclosure Vulnerabilities:
- CVE-2025-21319 (Windows Kernel Memory): Exposes sensitive memory details in logs.
- CVE-2025-21288 (Windows COM Server): Uninitialized COM resources leak heap memory.
- CVE-2025-21210 & CVE-2025-21214 (Windows BitLocker): Risk of exposing encryption keys through physical access or side-channel attacks.
Security Feature Bypass Vulnerabilities:
- CVE-2025-21299 (Windows Kerberos): Bypasses Windows Defender Credential Guard, gaining access to Kerberos tickets.
- CVE-2025-21340 (Windows Virtualization-Based Security): Bypasses hypervisor isolation.
- CVE-2025-21215 & CVE-2024-7344 (Secure Boot): Exploits in the boot process allowing attackers to tamper with security checks.
Denial of Service (DoS) Vulnerabilities:
- CVE-2025-21284 & CVE-2025-21280 (Windows Virtual TPM): Causes system crashes by exploiting the Virtual TPM.
- CVE-2025-21274 (Windows Event Tracing): Crashes logging services, allowing undetected attacks.
- CVE-2025-21207 (Windows Connected Devices Platform Service): Disables network-based device management, causing downtime.

Join us as we discuss the latest CVEs, how they affect you and how to stay protected!

40 פרקים

The January 2025 security updates address several critical vulnerabilities, categorized as follows:

Elevation of Privilege Vulnerabilities:
- CVE-2025-21378 (Windows CSC Service): Heap-based buffer overflow granting SYSTEM privileges.
- CVE-2025-21335 (Windows Hyper-V NT Kernel): Use-after-free condition affecting Hyper-V integration, compromising guest and host environments.
- CVE-2025-21265 & CVE-2025-21310 (Windows Digital Media): Vulnerabilities triggered by physical access and malicious USB drives, escalating privileges.
- CVE-2025-21275 (Windows App Package Installer): Allows bypassing restrictions to gain elevated privileges.
Other vulnerabilities include issues in the Microsoft Brokering File System and Windows Virtualization-Based Security.
Remote Code Execution (RCE) Vulnerabilities:
- CVE-2025-21298 (Windows OLE): Exploitable through crafted emails or documents to run arbitrary code.
- CVE-2025-21296 (BranchCache): Malicious code execution in local network setups.
- CVE-2025-21291 (Windows Direct Show): Exploits malformed media files to trigger RCE.
- CVE-2025-21289 (Windows Shell): Allows code execution through malicious scripts.
Additional RCE vulnerabilities could lead to significant damage if left unpatched.
Information Disclosure Vulnerabilities:
- CVE-2025-21319 (Windows Kernel Memory): Exposes sensitive memory details in logs.
- CVE-2025-21288 (Windows COM Server): Uninitialized COM resources leak heap memory.
- CVE-2025-21210 & CVE-2025-21214 (Windows BitLocker): Risk of exposing encryption keys through physical access or side-channel attacks.
Security Feature Bypass Vulnerabilities:
- CVE-2025-21299 (Windows Kerberos): Bypasses Windows Defender Credential Guard, gaining access to Kerberos tickets.
- CVE-2025-21340 (Windows Virtualization-Based Security): Bypasses hypervisor isolation.
- CVE-2025-21215 & CVE-2024-7344 (Secure Boot): Exploits in the boot process allowing attackers to tamper with security checks.
Denial of Service (DoS) Vulnerabilities:
- CVE-2025-21284 & CVE-2025-21280 (Windows Virtual TPM): Causes system crashes by exploiting the Virtual TPM.
- CVE-2025-21274 (Windows Event Tracing): Crashes logging services, allowing undetected attacks.
- CVE-2025-21207 (Windows Connected Devices Platform Service): Disables network-based device management, causing downtime.

Join us as we discuss the latest CVEs, how they affect you and how to stay protected!

פודקאסטים ששווה להאזין

The PortalFuse Microsoft Intune and Security Report Podcast « »
PortalFuse Weekly Security Update Report (Windows and Edge Edition) – January 14, 2025

PortalFuse Weekly Security Update Report (Windows and Edge Edition) – January 14, 2025

פודקאסטים ששווה להאזין

כל הפרקים

ברוכים הבאים אל Player FM!

מדריך עזר מהיר