Patch Tuesday cumulative update It fixes more than 150 vulnerabilities, including three being actively abused in the wild Other details about the flaws are not being disclosed at this time The first Microsoft Patch Tuesday of 2025 is upon us,

The January 2025 security update for Windows 11, version 24H2 expands the list of vulnerable drivers that could be used in Bring Your Own Vulnerable Driver attacks. BYOVD Vulnerabilities in kernel drivers could allow threat actors to sneak malware into the kernel.

Microsoft released security updates for eight zero-day flaws in its first Patch Tuesday of 2025, with three of the vulnerabilities under active exploitation. Microsoft defines zero-day vulnerabilities as software flaws that have either been publicly disclosed or are being actively exploited, with no patch available.

Microsoft just released its first round of Patch Tuesday updates this year and you should update your Windows PC right now to stay safe.

All the three Microsoft Access issues, on the other hand, have been credited to Unpatched.ai, an AI-guided vulnerability discovery platform. Action1 also noted that while the flaws are categorized as remote code execution (RCE) vulnerabilities, exploitation requires an attacker to convince the user to open a specially crafted file.

Microsoft’s first Patch Tuesday of 2025 has arrived, and it's a big one. Microsoft addressed 159 vulnerabilities, including eight zero-day flaws, three of which have been actively exploited in the wild.

Microsoft released the first Patch Tuesday security updates for Windows addressing 159 CVEs with 8 zero-day threats discovered.

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.