January 2025 Third-Party Patches: Notable Vulnerabilities and Updates

The first month of 2025 is behind us, and it’s time to review our data. January’s activity was fairly average: 115 versions were released across 82 applications, addressing 90 unique vulnerabilities.

Notable Vulnerabilities in January 2025 Third-Party Patches 

There were 4 critical vulnerabilities in January. The first critical vulnerability, CVE-2021-3711, affects OpenSSL and impacts Snagit 2023 for Mac. More information about this release is available in the Snagit release notes, while details on the dependency vulnerability can be found in OpenSSL’s security advisory. 

Another critical vulnerability, CVE-2025-0247, affects Mozilla Firefox. In Firefox 133, several memory safety bugs were identified. Some of these bugs showed signs of memory corruption, suggesting that, with sufficient effort, they could be exploited to execute arbitrary code. More information is available in the security advisory. 

CVE-2025-21613 affects the Datadog Agent on Windows, which uses go‑git. More details are available in the GitHub release notes, and additional information about the dependency vulnerability can be found in the go‑git GitHub advisory.   

Finally, the fourth critical vulnerability, CVE-2024-45337, affects Prometheus. Prometheus is an instrumentation library for Go applications. More details are available in its release notes in GitHub. 

Browser Security Updates in January 2025 

Browser	Vulnerabilities	Updates
Google Chrome	17	4
Microsoft Edge	24	5
Brave Browser	15	2
Pale Moon	2	1
Mozilla Firefox	9	1
Mozilla Firefox ESR 115	2	1
Mozilla Firefox ESR 128	7	1
Waterfox	14	1

Microsoft Product Updates Included in January 2025 Third-Party Patches 

In addition to Edge, Microsoft released updates for the following products: 

• Microsoft 365 Apps 
• Microsoft Visual Studio Feedback Client 2017 
• Microsoft Visual Studio 2017 Professional 
• Microsoft Visual Studio 2022 Enterprise 
• Microsoft Edge Webview2 Runtime 
• Microsoft Edge for Business 
• Microsoft Visual Studio Team Explorer 2022 
• Microsoft Visual Studio Team Explorer 2019 
• Microsoft Visual Studio 2019 Community 
• Microsoft Visual Studio 2019 Enterprise 
• Microsoft Visual Studio 2022 Professional 
• Microsoft Visual Studio 2022 Community 
• Microsoft Visual Studio 2019 Professional 
• Microsoft ASP.NET Core Runtime 9.0 
• Microsoft .NET Runtime 9.0 
• Microsoft ASP.NET Core Runtime 8.0 
• Microsoft .NET SDK 8.0 
• Microsoft .NET SDK 9.0 
• Microsoft .NET Runtime 8.0 
• Microsoft Edge WebDriver 
• Microsoft Windows Desktop Runtime 8.0 
• Microsoft Windows Desktop Runtime 9.0 
• Microsoft ASP.NET Core Runtime Hosting Bundle 8.0 
• Microsoft ASP.NET Core Runtime Hosting Bundle 9.0 
• Microsoft Visual Studio 2017 Community 
• Microsoft Visual Studio 2017 Enterprise 
• Microsoft Visual Studio Team Explorer 2017 
• Microsoft Azure Kubelogin 
• Microsoft Remote Desktop 

Detailed List of January 2025 Third-Party Patches 

For a complete list of applications, versions, and the number of remediated vulnerabilities, see the table below generated using Application Workspace data.  

ProductName	VersionName	Vulnerabilities remediated
Brave Browser	1.74.48	13
Brave Browser	1.74.50	2
Burp Suite Community Edition	2025.1	13
Burp Suite Professional Edition	2025.1	13
ClamAV	1.4.2	1
Datadog Agent	7.61.0	2
Electron	31.7.7	3
Electron	33.3.2	3
Electron	32.3.0	6
Electron	32.2.8	1
Git	2.47.1.2	6
GitHub Desktop	3.4.13	4
Google Chrome for Business	132.0.6834.84	13
Google Chrome for Business	132.0.6834.160	1
Google Chrome for Business	132.0.6834.111	2
Google Chrome for Business	131.0.6778.265	1
Google Go Programming Language 1.22	1.22.11	2
Google Go Programming Language 1.23	1.23.5	2
Helm	3.17.0	1
JetBrains ReSharper 2024	2024.2.8	1
JetBrains ReSharper 2024	2024.3.4	1
Microsoft .NET Runtime 8.0	8.0.12.34403	3
Microsoft .NET Runtime 8.0	8.0.12	3
Microsoft .NET Runtime 9.0	9.0.1	4
Microsoft .NET SDK 8.0	8.4.524.60408	3
Microsoft .NET SDK 8.0	8.0.405	3
Microsoft .NET SDK 9.0	9.0.102	4
Microsoft 365 Apps	2412 (Build 16.0.18324.20190)	12
Microsoft 365 Apps	2411 (Build 16.0.18227.20222)	12
Microsoft 365 Apps	2408 (Build 16.0.17928.20392)	12
Microsoft 365 Apps	16.93.25011212	5
Microsoft ASP.NET Core Runtime 8.0	8.0.12	3
Microsoft ASP.NET Core Runtime 8.0	8.0.12.24603	3
Microsoft ASP.NET Core Runtime 9.0	9.0.1	4
Microsoft ASP.NET Core Runtime Hosting Bundle 8.0	8.0.12.24603	3
Microsoft ASP.NET Core Runtime Hosting Bundle 9.0	9.0.1	4
Microsoft Azure Kubelogin	0.1.7	1
Microsoft Edge for Business	131.0.2903.147	1
Microsoft Edge for Business	131.0.2903.146	1
Microsoft Edge for Business	132.0.2957.115	18
Microsoft Edge for Business	132.0.2957.140	1
Microsoft Edge for Business	132.0.2957.127	3
Microsoft Edge WebDriver	131.0.2903.146	1
Microsoft Edge Webview2 Runtime	131.0.2903.146	1
Microsoft Remote Desktop	1.2.5906.0	1
Microsoft Remote Desktop	1.2.5807.0	1
Microsoft Visual Studio 2017 Community	15.9.35706.162	4
Microsoft Visual Studio 2017 Enterprise	15.9.35706.162	4
Microsoft Visual Studio 2017 Professional	15.9.35706.162	4
Microsoft Visual Studio 2019 Community	16.11.35706.149	4
Microsoft Visual Studio 2019 Enterprise	16.11.35706.149	4
Microsoft Visual Studio 2019 Professional	16.11.35706.149	4
Microsoft Visual Studio 2022 Community	17.12.35707.178	7
Microsoft Visual Studio 2022 Enterprise	17.6.35707.66	6
Microsoft Visual Studio 2022 Enterprise	17.8.35707.121	6
Microsoft Visual Studio 2022 Enterprise	17.10.35707.196	6
Microsoft Visual Studio 2022 Enterprise	17.12.35707.178	7
Microsoft Visual Studio 2022 Professional	17.12.35707.178	7
Microsoft Visual Studio 2022 Professional	17.8.35707.121	6
Microsoft Visual Studio 2022 Professional	17.10.35707.196	6
Microsoft Visual Studio 2022 Professional	17.6.35707.66	6
Microsoft Visual Studio Feedback Client 2017	15.9.35706.162	4
Microsoft Visual Studio Team Explorer 2017	15.9.35706.162	4
Microsoft Visual Studio Team Explorer 2019	16.11.35706.149	4
Microsoft Visual Studio Team Explorer 2022	17.12.35707.178	7
Microsoft Windows Desktop Runtime 8.0	8.0.12.34404	3
Microsoft Windows Desktop Runtime 9.0	9.0.1	4
Mozilla Firefox	134.0	9
Mozilla Firefox ESR 115	115.19.0	2
Mozilla Firefox ESR 128	128.6.0	7
Mozilla Thunderbird ESR 128	128.6.0	7
Node.js 18 LTS	18.20.6	3
Node.js 20 LTS	20.18.2	4
Node.js 22 LTS	22.13.1	4
Node.js 23	23.6.1	4
NoMachine	8.15.3	2
NoMachine Enterprise Client	8.15.3	2
NoMachine Enterprise Desktop	8.15.3	2
Oracle Java Runtime Environment Version 8	8.0.4410.07	1
Oracle Java SE Development Kit 11	11.0.26.0	1
Oracle Java SE Development Kit 17	17.0.14.0	1
Oracle Java SE Development Kit 8	8.0.4410.07	1
Oracle VirtualBox 7	7.0.24	2
Oracle VirtualBox 7	7.1.6	2
Pale Moon	33.5.1	2
Prometheus	3.1.0	1
Red Hat OpenJDK	17.0.14.0.7	1
Red Hat OpenJDK	21.0.6.0.7	1
Red Hat OpenJDK	17.00140.7.1	1
Red Hat OpenJDK	21.0060.7.1	1
Red Hat OpenJDK JRE	21.0.6.0.7	1
Red Hat OpenJDK JRE	17.00140.7.1	1
Red Hat OpenJDK JRE	17.0.14.0.7	1
Red Hat OpenJDK JRE	21.0060.7.1	1
Rider 2024	2024.3.4	1
Rider 2024	2024.2.8	1
Snagit 2023	2023.3.3	2
Tabby	1.0.218	1
TeamCity	2024.12.1	3
TeamDrive	5.2.1.3665	2
TeamViewer	15.62.4	1
TeamViewer	15.62.4.0	1
TeamViewer Host	15.62.4	1
TeamViewer Host	15.62.4.0	1
TeamViewer QuickSupport	15.62.4.0	1
Waterfox	6.5.3	14
Zulu JDK 11 (LTS)	11.78.15	1
Zulu JDK 17 (LTS)	17.56.15	1
Zulu JDK 21 (LTS)	21.40.17	1
Zulu JDK 23 (STS)	23.32.11	1
Zulu JRE 11 (LTS)	11.78.15	1
Zulu JRE 17 (LTS)	17.56.15	1
Zulu JRE 21 (LTS)	21.40.17	1
Zulu JRE 23 (STS)	23.32.11	1

Conclusion 

Timely third-party patching remains essential for protecting your IT environment. January 2025’s updates addressed a range of vulnerabilities—including four critical issues—that could impact system security if left unpatched. By staying current with these patches, you strengthen your defenses and support ongoing operational stability. Keep following our monthly updates for more insights on maintaining a secure, resilient infrastructure.

To further understand the impact of third-party patching on your security, explore the eBook Reduce Your Attack Footprint and follow our App Management and Patching thread.