As previously reported, Microsoft released its first Patch Tuesday for 2025, which addresses a record-breaking 161 flaws, including three zero-day vulnerabilities that are being actively targeted.
One expert commented that January marks the fourth consecutive month where Microsoft has published zero-day vulnerabilities without classifying any of them as critical at the time of publication, while another highlighted a bug in Microsoft Bitlocker that the company deemed “exploitation more likely,” that may leave hibernation files in plain text.
The patch also fixes vulnerabilities in Microsoft Access, and nine critical RCE vulnerabilities, with one expert calling attention to a flaw affecting NTLMv1, an older Microsoft authentication protocol still used by many organizations, which earned a CVSS threat rating score of 9.8 out of a possible 10.
Another expert said Microsoft’s patch seems to have resolved some issues with his Lenovo laptop’s Ubuntu partition, which had been experiencing conflicts with Windows.
Windows 10 pro, AMD 5800H, 64 GB, RTX3060M top AI notebook BSOD’ed updating to Win11 21H2. Disabling Element exposing MS to CORS allowed update to continue to finish, had to install three times, now works.