Yesterday was January’s big Patch Tuesday, where Microsoft rolled out a big bundle of security updates across several apps and services, eliminating 159 security vulnerabilities. This is the most extensive Patch Tuesday of the last few years with more than double the usual number of fixed security flaws.

The January 2025 security update for Windows 11, version 24H2 expands the list of vulnerable drivers that could be used in Bring Your Own Vulnerable Driver attacks. BYOVD Vulnerabilities in kernel drivers could allow threat actors to sneak malware into the kernel.

All the three Microsoft Access issues, on the other hand, have been credited to Unpatched.ai, an AI-guided vulnerability discovery platform. Action1 also noted that while the flaws are categorized as remote code execution (RCE) vulnerabilities, exploitation requires an attacker to convince the user to open a specially crafted file.

Patch Tuesday cumulative update It fixes more than 150 vulnerabilities, including three being actively abused in the wild Other details about the flaws are not being disclosed at this time The first Microsoft Patch Tuesday of 2025 is upon us,

Microsoft’s first Patch Tuesday of 2025 has arrived, and it's a big one. Microsoft addressed 159 vulnerabilities, including eight zero-day flaws, three of which have been actively exploited in the wild.

The largest Patch Tuesday of the 2020s so far brings fixes for over 150 CVEs ranging widely in their scope and severity - including eight zero-day flaws

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.

All three zero-day vulnerabilities have a CVSS score of 7.8 and could allow an attacker to gain system privileges.