en

Critical Vulnerabilities in Microsoft Security Updates in January 2025

17 January 2025

On 14 January 2025, Microsoft published several vulnerabilities in the context of the rollout of monthly security updates. Microsoft provides further information with the following link:

January 2025 Security Updates – Release Notes – Security Update Guide – Microsoft

The BSI (Federal Office for Information Security) currently warns primarily against the following vulnerabilities:

CVE-2025-21298 – CVSS: 9.8
CVE-2025-21309 – CVSS: 8.1
CVE-2025-21333 – CVSS: 7.8
CVE-2025-21334 – CVSS: 7.8
CVE-2025-21335 – CVSS: 7.8

SCADA systems from VIVAVIS are not affected by CVE-2025-21298 because the corresponding functionality is not used.

The other security gaps listed above can generally only be exploited by an internal perpetrator in a VIVAVIS SCADA system environment. We therefore categorise the threat situation as lower.

Microsoft provides patches for many affected Windows servers and client operating systems.

We will apply the corresponding patches as planned.

If you have further questions or if you require support, please contact our Customer Support Center

Ansprechpartner
Peter Schwark


RSS-Feed

Our RSS feed always keeps you up to date! This way, you’ll receive same-day notification when a new article has been posted to the IT Security Bulletin. Just enter the following link in your feed reader: https://www.vivavis.com/en/category/it-security-en/feed/

You can find out how to integrate the RSS feed into Outlook here.

Call now
Call now +49 7243 218 0
Send Mail
Send Mail info@vivavis.com
Locations & Contact
Locations & Contact Explore now