January 2025 News and Updates

  • New Website – If you haven’t already, please check out our new website. We’ve updated the look and feel and made it easier to find the information about our services, pricing, coverage area, etc.
  • Massive Update Count – Happy New Year, here’s 161 (or 159 or 209, depending on who you ask) new updates including eight zero day vulnerabilities that are being actively exploited. Details below but, for those playing along at home, this is the biggest batch since October 2017.
  • Zero Day Vulnerability discovered in FortiOS – According to the article, this vulnerability affects FortiOS Versions between 7.0.14 and 7.0.16 and the malicious activity started around November 2024. We’ve written a number of articles (here and here, for example) and this latest zero day highlights the importance of ensuring that you’re keeping up-to-date on patches and watching your logs for strange traffic.
  • Policy Update – Starting 1 January 2025, a 3% surcharge will be added to any credit card payment of $1,000 or more. Additional information is available on our policies and procedures page here.
  • New Email Security Partner – We have onboarded several clients onto the Proofpoint Essentials platform for things like email filtering, email encryption, archiving and more and the feedback has been overwhelmingly positive.
  • Upcoming End of Life for Windows 10 – We’re officially under one year before the Windows 10 End of Life (EOL), currently scheduled for 14 October 2025. Prior to that date, you will need to make certain that all Windows 10 computers are either upgraded (Windows 11 Requirements) or replaced. Additional information is available from Microsoft here.
  • Updated Requirements for Windows 11? There have been rumors that the hardware requirements for Windows 11 are being adjusted to accommodate some older hardware. I haven’t seen anything official yet but it’s an interesting turn of events.
  • Client Forms – In an effort to make requesting support easier for common tasks (onboarding and offboarding users, for example), we are launching a number of forms that clients can use to request support. Links to the forms are located at the top of our website under Client Forms.

Updates

MicrosoftMicrosoft has rung in the new year with a staggering 161 updates (some sites are reporting 159 and some are reporting as many as 209) including eight zero day vulnerabilities (three being actively exploited in the wild, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335 – Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability ), 12 critical vulnerabilities . I’ve included links below to a number of sites with additional information on all of the updates and the vulnerabilities that have been patched.

Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or Critical, it’s important that the updates are installed.

Additional details on this months Microsoft updates are available from Krebs on Security, SANS Internet Storm Center, Tenable and Bleeping Computer .


Adobe has released a total of five security bulletins to address vulnerabilities in Photoshop, Substance3D Stager and Designer, Illustrator for iPad and Animate. All of these updates are rated critical and users are encouraged to update as soon as possible.

Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc

Additional details are available from Adobe Here including links to download the update(s) and instructions for installation.


Need IT Support for your Home or Business? We’d love to help!

Are you a small to medium sized business looking to leverage technology and enable your business and workforce to work smarter and more efficiently?  Do you already have computers, servers, firewalls, VPNs or other technology that you’re not taking full advantage of?  Are you looking for an IT Service Provider who understands small to medium sized businesses needs and the challenges that we face that can work with you to grow your business rather than just sell you time?

Cyber Tech Cafe an  IT Service Company with a focus on helping small to medium business get the most out of their technology investment.  As a small business ourselves, we understand the challenges you face and have designed our service offerings to help you get the most out of your technology dollar.  We offer on-call, as needed support if you just need a quick fix or extra set of hands right now.  We also offer maintenance plans that we call “MyIT” that are designed to address the most common concerns (patch management, disaster recovery / backup, log review, etc.) that are based on the number of workstations and servers that you have and have no term contract.  We believe that, if you find value in what we’re doing, you’ll find a way to keep us around without contract saying that you have to.

If you have questions about the MyIT plans or have an IT need that you need addressed right now, let us know.  We look forward to the opportunity to earn your business.

Article Submitted by Nathan J. Underwood, CEH