From e13ac61590f5d3caffb7f7d5ee60789e0fe9fcac Mon Sep 17 00:00:00 2001 From: Serki Ashagre <132869385+LSerki@users.noreply.github.com> Date: Wed, 15 Jan 2025 14:29:31 +0800 Subject: [PATCH] Microsoft Monthly Updates - 20250115004 --- .../20250115004-Microsoft-January-Updates.md | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 docs/advisories/20250115004-Microsoft-January-Updates.md diff --git a/docs/advisories/20250115004-Microsoft-January-Updates.md b/docs/advisories/20250115004-Microsoft-January-Updates.md new file mode 100644 index 00000000..1295d2f5 --- /dev/null +++ b/docs/advisories/20250115004-Microsoft-January-Updates.md @@ -0,0 +1,25 @@ +# Microsoft Monthly Updates - 20250115004 + +## Overview + +Microsoft has released security updates to address 159 vulnerabilities in multiple products. A Cyber threat actor could leverage some of these vulnerabilities to exploit the affected system. + +## What is vulnerable? + +### Critical Vulnerabilities + +| Product(s) Affected | CVE | CVSS | Severity | +| ----------------------------- | ----------------------------------------------------------------- | ---- | -------- | +| Windows NTLM | [CVE-2025-21311](https://nvd.nist.gov/vuln/detail/CVE-2025-21311) | 9.8 | Critical | +| Windows OLE | [CVE-2025-21298](https://nvd.nist.gov/vuln/detail/CVE-2025-21298) | 9.8 | Critical | +| Reliable Multicast Transport Driver (RMCAST) | [CVE-2025-21307](https://nvd.nist.gov/vuln/detail/CVE-2025-21307) | 9.8 | Critical | + +## What has been observed? + +There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing. + +## Recommendation + +The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)): + +- Microsoft January 2025 Security Updates: \ No newline at end of file
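Review bot: the last bullet under `## Recommendation`, `- Microsoft January 2025 Security Updates:`, stops at the colon with nothing after it, and the file has no trailing newline. As committed, the advisory tells administrators to apply the solutions "as per vendor instructions" without pointing to those instructions. Add the link to the vendor's January 2025 release notes after the colon and end the file with a newline. Two wording points in the same hunk: "within expected timeframe of *48 hours...*" is missing "the" and carries a stray ellipsis inside the emphasis, and "A Cyber threat actor" in the Overview should use lower-case "cyber". The Overview also states 159 vulnerabilities while the table lists only three, so a sentence saying the table covers the critical-rated subset would make the scope clear. The RMCAST row's product cell overruns the padded column width used by the other rows; re-pad the table if the source alignment is meant to be kept.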