Ref# ADV2025_12 | Date: Jan 15th 2025

---

Microsoft has published a security advisory highlighting vulnerabilities in the following products on January 14th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated. 

• .NET – version 8.0  

• .NET – version 9.0  

• Marketplace SaaS  

• Microsoft 365 Apps for Enterprise – multiple versions and platforms  

• Microsoft Access 2016  

• Microsoft Defender for Endpoint  

• Microsoft Edge  

• Microsoft Excel 2016  

• Microsoft/Muzic  

• Microsoft Office – multiple versions and platforms  

• Microsoft Project 2016 – multiple versions and platforms  

• Microsoft Purview  

• Microsoft SharePoint Enterprise Server 2016  

• Microsoft SharePoint Server Subscription Edition  

• Microsoft SharePoint Server 2019  

• Microsoft Update Catalog  

• Microsoft Visual Studio – multiple versions  

• Microsoft Word 2016  

• Office Online Server  

• System Center 2019, 2022 and 2025  

• Windows 10 – multiple versions and platforms  

• Windows 11 – multiple versions and platforms  

• Windows Server – multiple versions and platforms 

For more information on these updates, you can follow these URLs: 

• January 2025 Release Notes 

• Security Update Guide 

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary. 

PDF Download: Microsoft Security Advisory

References 

• Security Update Guide. (January 14th, 2024). Retrieved from Microsoft. https://msrc.microsoft.com/update-guide/en-us 
  

• Microsoft Security Advisory. (January 14th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-january-2025-monthly-rollup-av25-021