The January 2025 Security Update Review

A Microsoft vulnerability listing enumerating dozens of CVEs across Windows, Office, Azure Marketplace and related components, including multiple Critical (CVSS up to 9.8) RCE and EoP vulnerabilities; a small number of entries are marked as actively exploited. The table provides severity, CVSS scores and exploited flags to help prioritize patching of high-impact issues such as Remote Desktop, OLE, Hyper-V, and other critical components.