Threat and Vulnerability Intelligence Database

Example Searches:

	Windows BitLocker bug triggers warnings on devices with TPMs Description: Microsoft is investigating a bug triggering security alerts on systems with a Trusted Platform Module (TPM) processor after enabling BitLocker. [...] Source: BleepingComputer January 15th, 2025 (3 months ago)
CVE-2024-7344	3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update Description: Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks. Of the 161 flaws, 11 are rated Critical, and 149 are rated Important in severity. One other flaw, a non-Microsoft CVE related to a Windows Secure Boot bypass (CVE-2024-7344), has not been assigned EPSS Score: 0.04% Source: TheHackerNews January 15th, 2025 (3 months ago)
	Microsoft fixes under-attack privilege-escalation holes in Hyper-V Source: TheRegister January 15th, 2025 (3 months ago)
CVE-2025-23082	Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send... Description: Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. CVSS: HIGH (7.2) EPSS Score: 0.04% Source: CVE January 15th, 2025 (3 months ago)
	Microsoft Rings in 2025 With Record Security Update Description: Company has issued patches for an unprecedented 159 CVEs, including eight zero-days, three of which attackers are already exploiting. Source: Dark Reading January 14th, 2025 (3 months ago)
	January Windows updates may fail if Citrix SRA is installed Description: Microsoft is warning that the January 2025 Windows 11 and Windows 10 cumulative updates may fail if Citrix Session Recording Agent (SRA) version 2411 is installed on the device. [...] Source: BleepingComputer January 14th, 2025 (3 months ago)
	Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities Description: Microsoft has released its monthly security update for January of 2025 which includes 159 vulnerabilities, including 10 that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”  Source: Cisco Talos Blog January 14th, 2025 (3 months ago)
	Windows January 2025 Patch Tuesday Fixes 159 Vulnerabilities Description: Microsoft's January 2025 Patch Tuesday update addresses 159 vulnerabilities, including three previously undisclosed actively exploited zero-day vulnerabilities. The update is applicable to Windows 11 OS Builds 22621.4751 and 22631.4751 and is part of Microsoft's ongoing effort to secure its flagship operating system against emerging threats. New zero-day flaws Microsoft has confirmed three vulnerabilities under active … The post Windows January 2025 Patch Tuesday Fixes 159 Vulnerabilities appeared first on CyberInsider. Source: CyberInsider January 14th, 2025 (3 months ago)
	Windows 10 KB5049981 update released with new BYOVD blocklist Description: Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver (BYOVD) attacks. [...] Source: BleepingComputer January 14th, 2025 (3 months ago)
	Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws Description: Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. [...] Source: BleepingComputer January 14th, 2025 (3 months ago)