Welcome to our combined .NET servicing updates for January 2025. Let’s get into the latest release of .NET & .NET Framework, here is a quick overview of what’s new in these releases:
Security improvements
This month you will find several CVEs that have been fixed this month:
| CVE # | Title | Applies to |
|---|---|---|
| CVE-2025-21171 | .NET Remote Code Execution Vulnerability | .NET 9.0 |
| CVE-2025-21172 | .NET Remote Code Execution Vulnerability | .NET 8.0, .NET 9.0 |
| CVE-2025-21176 | .NET and .NET Framework Denial of Service Vulnerability | .NET 8.0, .NET 9.0, .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1 |
| CVE-2025-21173 | .NET Elevation of Privilege Vulnerability | .NET 8.0, .NET 9.0 |
.NET January 2025 Updates
Below you will find a detailed list of everything from the .NET release for January 2025 including .NET 9.0.1 and .NET 8.0.12:
| .NET 8.0 | .NET 9.0 | |
|---|---|---|
| Release Notes | 8.0.12 | 9.0.1 |
| Installers and binaries | 8.0.12 | 9.0.1 |
| Container Images | images | images |
| Linux packages | 8.0.12 | 9.0.1 |
| Known Issues | 8.0 | 9.0 |
.NET Improvements
Share feedback about this release in the Release feedback issue.
.NET Framework January 2025 Updates
This month, there are security and non-security updates, be sure to browse our release notes for .NET Framework for more details.
See you next month
Let us know what you think of these new combined service release blogs as we continue to iterate to bring you the latest news and updates for .NET.
The link for EF Core 8.0.12 goes to the Github page with an error saying `filter contains 1 issue – Invalid value 8.0.12 for milestone`. No work items are shown.