Serial number: AV25-021
Date: January 14, 2024
On January 14, 2025, Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
- .NET – version 8.0
- .NET – version 9.0
- Marketplace SaaS
- Microsoft 365 Apps for Enterprise – multiple versions and platforms
- Microsoft Access 2016
- Microsoft Defender for Endpoint
- Microsoft Edge
- Microsoft Excel 2016
- Microsoft/Muzic
- Microsoft Office – multiple versions and platforms
- Microsoft Project 2016 – multiple versions and platforms
- Microsoft Purview
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server Subscription Edition
- Microsoft SharePoint Server 2019
- Microsoft Update Catalog
- Microsoft Visual Studio – multiple versions
- Microsoft Word 2016
- Office Online Server
- System Center 2019, 2022 and 2025
- Windows 10 – multiple versions and platforms
- Windows 11 – multiple versions and platforms
- Windows Server – multiple versions and platforms
Microsoft has indicated that CVE-2025-21333, CVE-2025-21334 and CVE-2025-21335 have been exploited.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.