trackd_logo_dark-1

January’s (2025) Patch Tuesday Damage Report

** 2 Weeks After Patch Tuesday **


A bunch of nothing-burgers!


With some closure from Microsoft on the System Guard Runtime Monitor Broker Service (SgrmBroker.exe) not running after update (been effectively deprecated for years) and other minor inconveniences (or great reprieves if you’re on work calls constantly), this month’s updates are pretty chill.

Server 2022


Server 2016


Windows 10


Miscellaneous






** 72 Hours After Patch Tuesday **


Whelp, this month’s been a chatty one so far. We even have one report of Blue Screens of Death popping up. Of note though, we have two reports of local Windows authentication services causing disruptions (Kerberos and Local Security Authority Process), and System Guard runtime Monitor Broker Service not running after updates (this service protects the operating system from malicious code execution).


Some other mildly annoying disruptions have been reported as well, so certainly not a home run we were expecting to kick off the new year. 


No disruptions detected or reported on the trackd platform.


Windows 11


Server 2022



Server 2016


Miscellaneous





Happy New Year! 


We’re ringing in 2025 with a whopping 159 vulnerabilities (3 criticals and 3 Hyper-V zero days). We also see 3 vulnerabilities that have functional exploit code, but are not actively being exploited.


Not too bad a start unless you have some Hyper-V to tend to and hopefully no major stability issues generally.


I’ll be back in ~72 hours with an update!


Zero Days:

  • CVE-2025-21333 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege
  • CVE-2025-21334 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege
  • CVE-2025-21335 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege


New year; new patching cadence?