Four zero-days: AFD EoP, Storage EoP, NTLMv2 disclosure, Surface container escape. Critical RCEs in LDAP, DHCP client, Excel.
Eight 0-days. Access: triple zero-day RCE; Hyper-V NT Kernel Integration VSP: triple zero-day EoP; Windows Themes: zero-day NTLM disclosure; Windows Installer: zero-day EoP; PGM: critical RCE; OLE: critical RCE.
1 zero-day. CLFS EoP. 16 critical RCEs. Hyper-V container escape. Multiple Remote Desktop Services RCE.
4 zero-days. AD CS ESC15 aka EKUwu. NTLMv2 disclosure. Exchange sender spoofing. Task scheduler EoP. .NET & Kerberos critical RCEs. Welcome Server 2025.
5 zero-days. Configuration Manager pre-auth RCE. RDP RPC pre-auth RPC. Winlogon EoP. Hyper-V container escape. curl o-day RCE late patch. Management console zero-day RCE. Windows 11 lifecycle changes.
4 zero-days. Servicing Stack Win 10 1507 rollback; MotW LNK stomping bypass; Windows Installer EoP; Publisher macro bypass. SharePoint & Windows NAT critical RCEs.
Heavy-hitting edition of PT with 10 zero-days. Windows Downdate downgrade attack, Windows WinSock EoP, Windows Kernel EoP, MotW bypass, and several others.
MSMQ RCE again. Office malicious file RCEs. SharePoint RCE. DNSSEC NSEC3 DoS.
Zero-days in DWM, MSHTML, and Visual Studio. SharePoint critical post-auth RCE. Remote Access repatch. Mobile Broadband USB vulns.
One late-breaking zero-day vuln. Defender for IoT critical RCEs. Dozens of SQL OLE DB driver RCEs. Microsoft adds CWE and Vector String Source to advisories.
No zero-day vulns this month. A single critical RCE: Hyper-V guest escape. Exchange malicious DLL RCE. SharePoint ACE. Azure Kubernetes Service Confidential Containers. Windows 11 compressed folders.
Windows SmartScreen & Internet Shortcut EitW. Office Protected Mode bypass. Exchange critical elevation of privilege.
Hyper-V critical RCE. Office FBX 3D model vuln. SharePoint RCE. Critical Kerberos MitM. No zero-days. Smallest January PT for several years.
AMD divide-by-zero-day information disclosure. No-interaction MSHTML Outlook critical RCE. Double ICS critical RCE. Fewer patches for fewer products than usual.
Zero day vulns in SmartScreen, DWM, Cloud Files mini driver, Office Protected View, ASP.NET. Overall fewer patches than usual. cURL patch.