Microsoft is starting the year with a bang with a major update of its OS, correcting numerous flaws.
Microsoft hit hard with Patch Tuesday of January 2025, stamped KB5050009, available via Windows Update. This security update, which fixes 159 vulnerabilities, marks a record for the publisher, far exceeding the volume of previous monthly updates. Among the fixes, several concern critical vulnerabilities, including three zero-day flaws linked to the Windows Hyper-V NT kernel, which could allow attackers to elevate their privileges. These flaws, already exploited, show the importance for users of keeping their system up to date.
Update KB5050009 also addresses five other zero-day vulnerabilities, affecting various components such as the Windows App Package Installer and Microsoft Access. Among the critical vulnerabilities fixed, issues in Windows OLE and Remote Desktop were also addressed. However, problems remain: players on Roblox’s ARM architecture must now download the game directly from the official website to access it, a constraint that raises questions about the impact of the patches on some users.
-Artificial intelligence, a key player in security
One of the notable innovations of this update lies in the use of artificial intelligence to detect certain vulnerabilities, as revealed by Satnam Narang, security researcher at Tenable. This technology had already discovered a critical flaw last December, highlighting its growing role in the fight against cyber threats. While the effectiveness of AI raises both hopes and concerns, Microsoft urges users not to wait to apply this crucial patch, once again illustrating the importance of proactivity in cybersecurity.
This article was reprinted on the Univers FreeBox website
