Microsoft<\/strong> immediately pushed updates to repair at the least 56 safety flaws in its Home windows<\/strong> working programs and supported software program. This last Patch Tuesday of 2025 tackles one zero-day bug that’s already being exploited, in addition to two publicly disclosed vulnerabilities.<\/p>\n

$\"\"$ <\/p>\n

Regardless of releasing a lower-than-normal variety of safety updates these previous few months, Microsoft patched a whopping 1,129 vulnerabilities in 2025, an 11.9% enhance from 2024. In accordance with Satnam Narang<\/strong> at Tenable<\/strong>, this yr marks the second consecutive yr that Microsoft patched over one thousand vulnerabilities, and the third time it has completed so since its inception.<\/p>\n

The zero-day flaw patched immediately is CVE-2025-62221<\/a>, a privilege escalation vulnerability affecting Home windows 10<\/strong> and later editions. The weak spot resides in a part known as the \u201cHome windows Cloud Information Mini Filter Driver<\/strong>\u201d \u2014 a system driver that permits cloud functions to entry file system functionalities.<\/p>\n

\u201cThat is notably regarding, because the mini filter is integral to providers like OneDrive, Google Drive, and iCloud, and stays a core Home windows part, even when none of these apps had been put in,\u201d mentioned Adam Barnett<\/strong>, lead software program engineer at Rapid7<\/strong>.<\/p>\n

Solely three of the failings patched immediately earned Microsoft\u2019s most-dire \u201ccrucial\u201d ranking: Each CVE-2025-62554<\/a> and CVE-2025-62557<\/a> contain Microsoft Workplace<\/strong>, and each can exploited merely by viewing a booby-trapped e-mail message within the Preview Pane. One other crucial bug \u2014 CVE-2025-62562<\/a> \u2014 includes Microsoft Outlook<\/strong>, though Redmond says the Preview Pane is just not an assault vector with this one.<\/p>\n

However based on Microsoft, the vulnerabilities more than likely to be exploited from this month\u2019s patch batch are different (non-critical) privilege escalation bugs, together with:<\/p>\n

\u2013CVE-2025-62458<\/a> \u2014 Win32k
\u2013 CVE-2025-62470<\/a> \u2014 Home windows Frequent Log File System Driver
\u2013 CVE-2025-62472<\/a> \u2014 Home windows Distant Entry Connection Supervisor
\u2013 CVE-2025-59516<\/a> \u2014 Home windows Storage VSP Driver
\u2013 CVE-2025-59517<\/a> \u2014 Home windows Storage VSP Driver<\/p>\n

Kev Breen<\/strong>, senior director of menace analysis at Immersive<\/strong>, mentioned privilege escalation flaws are noticed in nearly each incident involving host compromises.<\/p>\n

\u201cWe don\u2019t know why Microsoft has marked these particularly as extra probably, however the majority of those elements have traditionally been exploited within the wild or have sufficient technical element on earlier CVEs that it might be simpler for menace actors to weaponize these,\u201d Breen mentioned. \u201cBoth means, whereas not actively being exploited, these must be patched sooner slightly than later.\u201d<\/p>\n

One of many extra fascinating vulnerabilities patched this month is CVE-2025-64671<\/a>, a distant code execution flaw within the Github Copilot Plugin for Jetbrains<\/strong>\u00a0AI-based coding assistant that’s utilized by Microsoft and GitHub. Breen mentioned this flaw would enable attackers to execute arbitrary code by tricking the massive language mannequin (LLM) into operating instructions that bypass the guardrails and add malicious directions within the consumer\u2019s \u201cauto-approve\u201d settings.<\/p>\n

CVE-2025-64671 is a part of a broader, extra systemic safety disaster that safety researcher Ari Marzuk<\/strong> has branded IDEsaster<\/a> (IDE\u00a0 stands for \u201cbuilt-in growth atmosphere\u201d), which encompasses greater than 30 separate vulnerabilities reported in practically a dozen market-leading AI coding platforms, together with Cursor<\/strong>, Windsurf<\/strong>, Gemini CLI<\/strong>, and Claude Code<\/strong>.<\/p>\n

The opposite publicly-disclosed vulnerability patched immediately is CVE-2025-54100<\/a>, a distant code execution bug in Home windows Powershell<\/strong> on Home windows Server 2008 and later that enables an unauthenticated attacker to run code within the safety context of the consumer.<\/p>\n

For anybody in search of a extra granular breakdown of the safety updates Microsoft pushed immediately, try the roundup on the SANS Web Storm Middle<\/a>. As all the time, please depart a notice within the feedback in case you expertise issues making use of any of this month\u2019s Home windows patches.<\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":"