Happy New Year!
We’re ringing in 2025 with a whopping 159 vulnerabilities (3 criticals and 3 Hyper-V zero days). We also see 3 vulnerabilities that have functional exploit code, but are not actively being exploited.
Not too bad a start unless you have some Hyper-V to tend to and hopefully no major stability issues generally.
I’ll be back in ~72 hours with an update!
Zero Days:
- CVE-2025-21333 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege
- CVE-2025-21334 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege
- CVE-2025-21335 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege
New year; new patching cadence?
