Close Menu
    Security

    Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws

    Marizas DimitrisBy Δεν υπάρχουν Σχόλια8 Mins Read


    is Microsoft’s November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability.

    This Patch Tuesday also addresses four “Critical” vulnerabilities, two of which are remote code execution vulnerabilities, one is an elevation of privileges, and the fourth is an information disclosure flaw.

    The number of bugs in each vulnerability category is listed below:

    Wiz
    • 29 Elevation of Privilege Vulnerabilities

    • 2 Security Feature Bypass Vulnerabilities

    • 16 Remote Code Execution Vulnerabilities

    • 11 Information Disclosure Vulnerabilities

    • 3 Denial of Service Vulnerabilities

    • 2 Spoofing Vulnerabilities

    When BleepingComputer reports on the Patch Tuesday security updates, we only count those released today by Microsoft. Therefore, the number of flaws does not include Microsoft Edge and Mariner vulnerabilities fixed earlier this month.

    Today is also the first extended security update (ESU) for Windows 10, so if you are still utilizing the unsupported operating system, it is strongly advised that you upgrade to Windows 11 or enroll in the ESU program.

    For those who are having issues enrolling in the program, Microsoft released an out-of-band update today to fix an that prevents enrollments.

    To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5066835 and KB5066793 updates.

    If you’re facing delays, blind spots, or prioritization issues with Patch Tuesday updates, join our December 2 webinar with Action1 to learn how modern patch management helps you patch faster and reduce risk.

    1 actively exploited zero-day

    This month’s Patch Tuesday fixes one actively exploited zero-day flaw in the Windows Kernel.

    Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available.

    The exploited zero-days is:

    CVE-2025-62215 – Windows Kernel Elevation of Privilege Vulnerability

    Microsoft has patched a Windows Kernel flaw that was exploited to gain SYSTEM privilges on Windows devices.

    “Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Kernel allows an authorized attacker to elevate privileges locally,” explains Microsoft.

    Microsoft says that the flaw requires an attackers to win a race condition, upon which they receive SYSTEM privileges.

    Microsoft has attributed the flaw to Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC)  but has not shared how the flaw was exploited.

    Recent updates from other companies

    Other vendors who released updates or advisories in November 2025 include:

    • Adobe released security updates for InDesign, InCopy, PhotoShop, Illustrator, Substance 3D, Pass, and Adobe Format.

    • Cisco released patches for multiple products, including Cisco ASA, Unified Contact Center, and Identity services. Cisco also warned this month that a new attack was discovered exploiting older flaws.

    • expr-eval developers released patches to fix a critical RCE in the JavaScript library.

    • Fortinet released a security update for a medium-severity elevation of privileges flaw in FortiOS.

    • Google has released the Android’s November security bulletin with fixes for two vulnerabilities.

    • Ivanti released security patches as part of its November 2025 Patch Tuesday updates.

    • runC security updates fix flaws allowing attackers to escape Docker and Kubernetes containers.

    • QNAP released security updates for seven zero-day vulnerabilities exploited to hack network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 hacking contest.

    • SAP released the November security updates for multiple products, including a fix for a 10/10 harcoded credentials flaw in SQL Anywhere Monitor.

    • Samsung released its November security updates with fixes for 25 flaws.

    The November 2025 Patch Tuesday Security Updates

    Below is the complete list of resolved vulnerabilities in the November 2025 Patch Tuesday updates.

    To access the full description of each vulnerability and the systems it affects, you can view the full report here.

































































    TagCVE IDCVE TitleSeverity
    Azure Monitor AgentCVE-2025-59504Azure Monitor Agent Remote Code Execution VulnerabilityImportant
    Customer Experience Improvement Program (CEIP)CVE-2025-59512Customer Experience Improvement Program (CEIP) Elevation of Privilege VulnerabilityImportant
    Dynamics 365 Field Service (online)CVE-2025-62211Dynamics 365 Field Service (online) Spoofing VulnerabilityImportant
    Dynamics 365 Field Service (online)CVE-2025-62210Dynamics 365 Field Service (online) Spoofing VulnerabilityImportant
    GitHub Copilot and Visual Studio CodeCVE-2025-62453GitHub Copilot and Visual Studio Code Security Feature Bypass VulnerabilityImportant
    Host Process for Windows TasksCVE-2025-60710Host Process for Windows Tasks Elevation of Privilege VulnerabilityImportant
    Microsoft Configuration ManagerCVE-2025-47179Configuration Manager Elevation of Privilege VulnerabilityImportant
    Microsoft Dynamics 365 (on-premises)CVE-2025-62206Microsoft Dynamics 365 (On-Premises) Information Disclosure VulnerabilityImportant
    Microsoft Graphics ComponentCVE-2025-60724GDI+ Remote Code Execution VulnerabilityImportant
    Microsoft OfficeCVE-2025-62216Microsoft Office Remote Code Execution VulnerabilityImportant
    Microsoft OfficeCVE-2025-62199Microsoft Office Remote Code Execution VulnerabilityCritical
    Microsoft Office ExcelCVE-2025-62200Microsoft Excel Remote Code Execution VulnerabilityImportant
    Microsoft Office ExcelCVE-2025-62201Microsoft Excel Remote Code Execution VulnerabilityImportant
    Microsoft Office ExcelCVE-2025-60726Microsoft Excel Information Disclosure VulnerabilityImportant
    Microsoft Office ExcelCVE-2025-62203Microsoft Excel Remote Code Execution VulnerabilityImportant
    Microsoft Office ExcelCVE-2025-62202Microsoft Excel Information Disclosure VulnerabilityImportant
    Microsoft Office ExcelCVE-2025-60727Microsoft Excel Remote Code Execution VulnerabilityImportant
    Microsoft Office ExcelCVE-2025-60728Microsoft Excel Information Disclosure VulnerabilityImportant
    Microsoft Office ExcelCVE-2025-59240Microsoft Excel Information Disclosure VulnerabilityImportant
    Microsoft Office SharePointCVE-2025-62204Microsoft SharePoint Remote Code Execution VulnerabilityImportant
    Microsoft Office WordCVE-2025-62205Microsoft Office Remote Code Execution VulnerabilityImportant
    Microsoft Streaming ServiceCVE-2025-59514Microsoft Streaming Service Proxy Elevation of Privilege VulnerabilityImportant
    Microsoft Wireless Provisioning SystemCVE-2025-62218Microsoft Wireless Provisioning System Elevation of Privilege VulnerabilityImportant
    Microsoft Wireless Provisioning SystemCVE-2025-62219Microsoft Wireless Provisioning System Elevation of Privilege VulnerabilityImportant
    Multimedia Class Scheduler Service (MMCSS)CVE-2025-60707Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege VulnerabilityImportant
    Nuance PowerScribeCVE-2025-30398Nuance PowerScribe 360 Information Disclosure VulnerabilityCritical
    OneDrive for AndroidCVE-2025-60722Microsoft OneDrive for Android Elevation of Privilege VulnerabilityImportant
    Role: Windows Hyper-VCVE-2025-60706Windows Hyper-V Information Disclosure VulnerabilityImportant
    SQL ServerCVE-2025-59499Microsoft SQL Server Elevation of Privilege VulnerabilityImportant
    Storvsp.sys DriverCVE-2025-60708Storvsp.sys Driver Denial of Service VulnerabilityImportant
    Visual StudioCVE-2025-62214Visual Studio Remote Code Execution VulnerabilityCritical
    Visual Studio Code CoPilot Chat ExtensionCVE-2025-62449Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass VulnerabilityImportant
    Visual Studio Code CoPilot Chat ExtensionCVE-2025-62222Agentic AI and Visual Studio Code Remote Code Execution VulnerabilityImportant
    Windows Administrator ProtectionCVE-2025-60721Windows Administrator Protection Elevation of Privilege VulnerabilityImportant
    Windows Administrator ProtectionCVE-2025-60718Windows Administrator Protection Elevation of Privilege VulnerabilityImportant
    Windows Ancillary Function Driver for WinSockCVE-2025-62217Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportant
    Windows Ancillary Function Driver for WinSockCVE-2025-60719Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportant
    Windows Ancillary Function Driver for WinSockCVE-2025-62213Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportant
    Windows Bluetooth RFCOM Protocol DriverCVE-2025-59513Windows Bluetooth RFCOM Protocol Driver Information Disclosure VulnerabilityImportant
    Windows Broadcast DVR User ServiceCVE-2025-59515Windows Broadcast DVR User Service Elevation of Privilege VulnerabilityImportant
    Windows Broadcast DVR User ServiceCVE-2025-60717Windows Broadcast DVR User Service Elevation of Privilege VulnerabilityImportant
    Windows Client-Side Caching (CSC) ServiceCVE-2025-60705Windows Client-Side Caching Elevation of Privilege VulnerabilityImportant
    Windows Common Log File System DriverCVE-2025-60709Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
    Windows DirectXCVE-2025-59506DirectX Graphics Kernel Elevation of Privilege VulnerabilityImportant
    Windows DirectXCVE-2025-60716DirectX Graphics Kernel Elevation of Privilege VulnerabilityCritical
    Windows DirectXCVE-2025-60723DirectX Graphics Kernel Denial of Service VulnerabilityImportant
    Windows KerberosCVE-2025-60704Windows Kerberos Elevation of Privilege VulnerabilityImportant
    Windows KernelCVE-2025-62215Windows Kernel Elevation of Privilege VulnerabilityImportant
    Windows License ManagerCVE-2025-62208Windows License Manager Information Disclosure VulnerabilityImportant
    Windows License ManagerCVE-2025-62209Windows License Manager Information Disclosure VulnerabilityImportant
    Windows OLECVE-2025-60714Windows OLE Remote Code Execution VulnerabilityImportant
    Windows Remote DesktopCVE-2025-60703Windows Remote Desktop Services Elevation of Privilege VulnerabilityImportant
    Windows Routing and Remote Access Service (RRAS)CVE-2025-62452Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
    Windows Routing and Remote Access Service (RRAS)CVE-2025-59510Windows Routing and Remote Access Service (RRAS) Denial of Service VulnerabilityImportant
    Windows Routing and Remote Access Service (RRAS)CVE-2025-60715Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
    Windows Routing and Remote Access Service (RRAS)CVE-2025-60713Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityImportant
    Windows Smart CardCVE-2025-59505Windows Smart Card Reader Elevation of Privilege VulnerabilityImportant
    Windows SpeechCVE-2025-59507Windows Speech Runtime Elevation of Privilege VulnerabilityImportant
    Windows SpeechCVE-2025-59508Windows Speech Recognition Elevation of Privilege VulnerabilityImportant
    Windows SpeechCVE-2025-59509Windows Speech Recognition Information Disclosure VulnerabilityImportant
    Windows Subsystem for Linux GUICVE-2025-62220Windows Subsystem for Linux GUI Remote Code Execution VulnerabilityImportant
    Windows TDX.sysCVE-2025-60720Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege VulnerabilityImportant
    Windows WLAN ServiceCVE-2025-59511Windows WLAN Service Elevation of Privilege VulnerabilityImportant

    Wiz

    As MCP (Model Context Protocol) becomes the standard for connecting LLMs to tools and data, security teams are moving fast to keep these new services safe.

    This free cheat sheet outlines 7 best practices you can start using today.



    VIA: bleepingcomputer.com

    Related Posts


    Κυκλοφόρησαν οι αθροιστικές ενημερώσεις των Windows 11 KB5068861 & KB5068865
    Security
    Η επείγουσα ενημέρωση των Windows 10 διορθώνει το σφάλμα εγγραφής στο ESU
    Security
    Εξακολουθείτε να χρησιμοποιείτε Windows 10; Εγγραφείτε στη δωρεάν ESU πριν από το Patch Tuesday της επόμενης εβδομάδας
    Security
    Share.

    Ο Δημήτρης είναι παθιασμένος με την τεχνολογία και τις καινοτομίες της Samsung. Αγαπά να εξερευνά νέες ιδέες, να λύνει προβλήματα και να μοιράζεται τρόπους που κάνουν την τεχνολογία πιο ανθρώπινη και απολαυστική.

    Related Posts

    Add A Comment
    Leave A Reply