- 264/2025
- High
Microsoft has released its monthly set of security updates, known as Patch Tuesday. This release addresses one actively exploited and two publicly disclosed zero-day vulnerabilities.
Microsoft has fixed 57 vulnerabilities that could allow an attacker to gain elevated privileges, perform denial of service attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected systems.
December’s Patch Tuesday was released to fix security flaws in several Microsoft products, such as Microsoft Excel, Microsoft Office SharePoint, Windows DirectX, Windows Routing and Remote Access Service (RRAS), Windows Hyper-V, Windows Installer, Windows Shell, Microsoft Brokering File System, Windows PowerShell, and Windows Projected File System.
The actively exploited zero-day vulnerability in December’s Patch Tuesday is:
- Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability “CVE-2025-62221” allows an attacker to gain SYSTEM privileges.
The publicly disclosed zero-day flaws are:
- GitHub Copilot for JetBrains Remote Code Execution Vulnerability “CVE-2025-64671” allows an attacker to execute commands locally.
- PowerShell Remote Code Execution Vulnerability “CVE-2025-54100” allows an unauthorized attacker to execute code locally.
Sample of the addressed vulnerabilities:
1. Windows Resilient File System (ReFS) Remote Code Execution Vulnerability (CVE-2025-62456):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Access
2. Windows Shell Elevation of Privilege Vulnerability (CVE-2025-64661):
- CVSS: 7.8
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Privilege
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.
