New Critical Microsoft Windows Warning As 3 Zero-Day Attacks Underway – Forbes
![](https://netquick.ch/wp-content/uploads/2025/01/0x0-5-20250116-141611-1024x683.jpg)
Microsoft confirms three zero-day Windows attacks underway.

Update, Jan. 16, 2025: This story, originally published Jan. 15, now includes a statement from Microsoft regarding the Windows zero-day exploits.

As if Windows users hadn’t got enough to worry about when it comes to security issues, from the forthcoming ending of security support for Windows 10 to a surge in Russian cyberattacks, now Microsoft has confirmed that a staggering three new zero-day exploits are being used in ongoing cyberattacks. Here’s what you need to know.

Microsoft has released the latest Patch Tuesday round-up of security patches, and this month, it’s a whopper: 159 vulnerabilities, 12 of which are critical and include no fewer than eight zero-days, three of which are already known to be under active exploitation according to Microsoft. “This is definitely one of those months where admins need to step back, take a deep breath, and determine their plan of attack,” Tyler Reguly, associate director of security research and development at Fortra, said.

As is usually the case where actively exploited zero-day vulnerabilities are concerned, though, there is precious little technical information available about these exploits.

The three vulnerabilities are tracked as CVE-2025-21335, CVE-2025-21333 and CVE-2025-21334, impacting Hyper-V, which, as Kev Breen, senior director of threat research at Immersive Labs said, “is heavily embedded in modern Windows 11 operating systems and used for a range of security tasks including device guard and credential guard.” These are listed as elevation of privileges issues, “meaning that if an attacker has already gained access to a host through something like a phishing attack, they could use these vulnerabilities to gain SYSTEM level permissions on the infected device.” With such techniques often observed being used by nation-state and ransomware operators, Breen warned these should be at the top of the list for patching this month.

Chris Goettl, vice president of security product management at Ivanti, said that the vulnerabilities affect Microsoft Windows versions 10, 11, and Server 2025 and “risk-based prioritization warrants treating these vulnerabilities as Critical.”

I reached out to Microsoft for a statement and a spokesperson said: “We have released an update and customers who have installed it are already protected.”

Mike Walters, president and co-founder of Action1, warned of the potential impact of these zero-day exploits for Windows users, explaining that organizations relying on Hyper-V, including data centers, cloud providers, enterprise IT environments and development platforms, are at risk. These potential impacts include, Walters said:

All of this means that Windows users should treat this month’s Patch Tuesday as seriously as any other, if not more so, given the nature of these zero-day exploits. Given the ongoing exploitation, Walters recommended that applying the available security update should be a priority. Organizations should also strengthen their security posture, Walters concluded: “restrict local access, enforce strong authentication and segment critical systems.”