CVE-2025-21314
published 2025-01-14CVE-2025-21314: Windows SmartScreen Spoofing Vulnerability Windows SmartScreen Spoofing Vulnerability
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
EPSS
1.37%
68.3th percentile
Windows SmartScreen Spoofing Vulnerability
Windows SmartScreen Spoofing Vulnerability
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7699 | 10.0.14393.7699 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.6775 | 10.0.17763.6775 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.5371 | 10.0.19044.5371 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5371 | 10.0.19045.5371 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.4751 | 10.0.22621.4751 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.4751 | 10.0.22631.4751 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.4751 | 10.0.22631.4751 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.2894 | 10.0.26100.2894 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.7699 | 10.0.14393.7699 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.6775 | 10.0.17763.6775 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.3091 | 10.0.20348.3091 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.2894 | 10.0.26100.2894 |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_22h2 | — | — |
| msrc | windows_11_version_23h2 | — | — |
| msrc | windows_11_version_24h2 | — | — |
| msrc | windows_server_2016 | — | — |
| msrc | windows_server_2019 | — | — |
| msrc | windows_server_2022 | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
cvelistv56.5MEDIUM
vendor_msrc6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CVEList
Windows SmartScreen Spoofing Vulnerability
cvelistv5·2025-01-14·CVSS 6.5
CVE-2025-21314 [MEDIUM] CWE-451 Windows SmartScreen Spoofing Vulnerability
Windows SmartScreen Spoofing Vulnerability
Windows SmartScreen Spoofing Vulnerability
Microsoft
Windows SmartScreen Spoofing Vulnerability
vendor_msrc·2025-01-14·CVSS 6.5
CVE-2025-21314 [MEDIUM] CWE-451 Windows SmartScreen Spoofing Vulnerability
Windows SmartScreen Spoofing Vulnerability
FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker would have to send the victim a malicious file that the victim would have to execute.
Windows SmartScreen: Windows SmartScreen
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Spoofing
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5050009
Reference: https://support.microsoft.com/help/5050009
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5050008
Reference: https://support.microsoft.com/help/5050008
Reference: https://catalog.update.microsoft.com/v7/site
No detection rules found.
No public exploits indexed.
Bleepingcomputer
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
blogs_bleepingcomputer·2025-01-14·CVSS 7.8
[HIGH] Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
## Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
## Lawrence Abrams
40 Elevation of Privilege Vulnerabilities
14 Security Feature Bypass Vulnerabilities
58 Remote Code Execution Vulnerabilities
24 Information Disclosure Vulnerabilities
20 Denial of Service Vulnerabilities
5 Spoofing Vulnerabilities
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5050009 & KB5050021 cumulative updates and the Windows 10 KB5048652 cumulative update.
## Three actively exploited zero-day disclosed
This month's Patch Tuesday fixes three actively exploited and five publicly exposed zero-day vulnerabilities.
Microsoft classifies a zero-day flaw as one that is publicly disclosed or actively exploited while no offi
Qualys
Microsoft and Adobe Patch Tuesday, January 2025 Security Update Review
blogs_qualys·2025-01-14
Microsoft and Adobe Patch Tuesday, January 2025 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for January 2025
Adobe Patches for January 2025
Zero-day Vulnerabilities Patched in January Patch Tuesday Edition
Critical Severity Vulnerabilities Patched in January Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
Rapid Response with Patch Management (PM)
EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
Qualys Monthly Webinar Series
Happy New Year! As the calendar turns to January 2025, Microsoft’s first Patch Tuesday of 2025 has arrived. From zero-days to critical vulnerabilities, here’s what deserves your attention. Here’s a breakdown of what’s been patched.
## Microsoft Patch Tu
Talos
Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-01-14·CVSS 8.1
CVE-2025-21309 [HIGH] Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities
## Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for January of 2025 which includes 159 vulnerabilities, including 12 that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”
One notable critically rated vulnerability that has been patched this month is CVE-2025-21309 , which is a remote code execution vulnerability affecting Windows Remote Desktop Services. Exploitation of this vulnerability could lead to arbitrary code execution on systems where the Remote Desktop Gateway role has been enabled. This vulnerability has been assigned a CVSS 3.1 score of 8.1 and is considered “more likely to be exploited” by Microsoft.
Another notable remote code execut
Qualys
Microsoft and Adobe Patch Tuesday, January 2025 Security Update Review | Qualys
blogs_qualys·2025-01-14
Microsoft and Adobe Patch Tuesday, January 2025 Security Update Review | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for January 2025
- Adobe Patches for January 2025
- Zero-day Vulnerabilities Patched in January Patch Tuesday Edition
- Critical Severity Vulnerabilities Patched in January Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
- Rapid Response with Patch Management (PM)
- EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)
- Qualys Monthly Webinar Series
Happy New Year! As the calendar turns to January 2025, Microsoft’s first Patch Tuesday of 2025 has arrived. From zero-days to critical vulnerabilities, here’s what deserves your attention. Here’s a breakdown of what’s been patched.
## Micro
Talos
Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-01-14·CVSS 8.1
CVE-2025-21309 [HIGH] Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for January of 2025 which includes 159 vulnerabilities, including 12 that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”
One notable critically rated vulnerability that has been patched this month is CVE-2025-21309, which is a remote code execution vulnerability affecting Windows Remote Desktop Services. Exploitation of this vulnerability could lead to arbitrary code execution on systems where the Remote Desktop Gateway role has been enabled. This vulnerability has been assigned a CVSS 3.1 score of 8.1 and is considered “more likely to be exploited” by Microsoft.
Another notable remote code execution vulnerability in Window Object Linking and Embedding (OLE) was also patched this month
2025-01-14
Published