Microsoft Patch Tuesday December 2025, (Tue, Dec 9th)

This release addresses 57 vulnerabilities. 3 of these vulnerabilities are rated critical. One vulnerability was already exploited, and two were publicly disclosed before the patch was released.

CVE-2025-62221: This privilege escalation vulnerability in the Microsoft Cloud Files Mini Filter driver is already being exploited.

CVE-2025-54100: A PowerShell script using Invoke-WebRequest may execute scripts that are included in the response. This is what Invoke-WebRequest is supposed to do. The patch adds a warning suggesting adding the -UseBasicParsing parameter to avoid executing scripts.
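A defender-side check for the CVE-2025-54100 guidance above, as an added example that is not from the original diary or from Microsoft: it parses a script with PowerShell's own parser and lists Invoke-WebRequest calls that do not pass -UseBasicParsing. The function name and the sample script are assumptions made for illustration.

```powershell
function Find-WebRequestWithoutBasicParsing {
    param([Parameter(Mandatory)][string]$ScriptText)

    $tokens = $null; $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseInput(
        $ScriptText, [ref]$tokens, [ref]$errors)

    # curl and wget are built-in aliases for Invoke-WebRequest in Windows PowerShell 5.1.
    $names = 'Invoke-WebRequest', 'iwr', 'curl', 'wget'
    $calls = $ast.FindAll({ param($node) $node -is [System.Management.Automation.Language.CommandAst] }, $true) |
        Where-Object { $names -contains $_.GetCommandName() }

    foreach ($call in $calls) {
        $safe = $false; $splat = $false
        foreach ($el in $call.CommandElements) {
            if ($el -is [System.Management.Automation.Language.CommandParameterAst]) {
                $p = $el.ParameterName
                # Accept unambiguous abbreviations (-UseB...), but not -UseBasicParsing:$false.
                if ($p.Length -ge 4 -and 'UseBasicParsing'.StartsWith($p, [StringComparison]::OrdinalIgnoreCase)) {
                    $safe = -not ($el.Argument -and $el.Argument.Extent.Text -eq '$false')
                }
            }
            elseif ($el -is [System.Management.Automation.Language.VariableExpressionAst] -and $el.Splatted) {
                $splat = $true   # parameters passed via @hashtable cannot be resolved statically
            }
        }
        if (-not $safe) {
            [pscustomobject]@{
                Line    = $call.Extent.StartLineNumber
                Finding = if ($splat) { 'review splatted parameters' } else { 'no -UseBasicParsing' }
                Command = $call.Extent.Text
            }
        }
    }
}

# Constructed sample script (not from the diary); URLs use the reserved example.com domain.
$sample = @'
$r = Invoke-WebRequest -Uri https://example.com/status
iwr https://example.com/a.json -UseBasicParsing | Out-Null
curl https://example.com/b -UseB
Invoke-WebRequest @requestArgs
Invoke-WebRequest https://example.com/c -UseBasicParsing:$false
'@

Find-WebRequestWithoutBasicParsing -ScriptText $sample | Format-Table -AutoSize
```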

CVE-2025-64671: The GitHub Copilot plugin for JetBrains may lead to remote code execution. Overall, this is an issue with many AI code assistants, as they have far-reaching access to the IDE.

The critical vulnerabilities are remote code execution vulnerabilities in Office and Outlook.

 

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| Application Information Service Elevation of Privilege Vulnerability | CVE-2025-62572 | No | No | | | Important | 7.8 | 6.8 |
| Azure Monitor Agent Remote Code Execution Vulnerability | CVE-2025-62550 | No | No | | | Important | 8.8 | 7.7 |
| DirectX Graphics Kernel Denial of Service Vulnerability | CVE-2025-62463 | No | No | | | Important | 6.5 | 5.7 |
| DirectX Graphics Kernel Denial of Service Vulnerability | CVE-2025-62465 | No | No | | | Important | 6.5 | 5.7 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | CVE-2025-62573 | No | No | | | Important | 7.0 | 6.1 |
| GitHub Copilot for Jetbrains Remote Code Execution Vulnerability | CVE-2025-64671 | Yes | No | | | Important | 8.4 | 7.3 |
| Microsoft Access Remote Code Execution Vulnerability | CVE-2025-62552 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Brokering File System Elevation of Privilege Vulnerability | CVE-2025-62469 | No | No | | | Important | 7.0 | 6.1 |
| Microsoft Brokering File System Elevation of Privilege Vulnerability | CVE-2025-62569 | No | No | | | Important | 7.0 | 6.1 |
| Microsoft Edge (Chromium-based) for Mac Spoofing Vulnerability | CVE-2025-62223 | No | No | | | Low | 4.3 | 3.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62561 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62563 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62564 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62553 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62556 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62560 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | CVE-2025-64666 | No | No | | | Important | 7.5 | 6.5 |
| Microsoft Exchange Server Spoofing Vulnerability | CVE-2025-64667 | No | No | | | Important | 5.3 | 4.6 |
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | CVE-2025-62455 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-62554 | No | No | | | Critical | 8.4 | 7.3 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-62557 | No | No | | | Critical | 8.4 | 7.3 |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2025-62562 | No | No | | | Critical | 7.8 | 6.8 |
| Microsoft SharePoint Server Spoofing Vulnerability | CVE-2025-64672 | No | No | | | Important | 8.8 | 7.7 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2025-62555 | No | No | | | Important | 7.0 | 6.1 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2025-62558 | No | No | | | Important | 7.8 | 6.8 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2025-62559 | No | No | | | Important | 7.8 | 6.8 |
| PowerShell Remote Code Execution Vulnerability | CVE-2025-54100 | Yes | No | | | Important | 7.8 | 6.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2025-62458 | No | No | | | Important | 7.8 | 6.8 |
| Windows Camera Frame Server Monitor Information Disclosure Vulnerability | CVE-2025-62570 | No | No | | | Important | 7.1 | 6.2 |
| Windows Client-Side Caching Elevation of Privilege Vulnerability | CVE-2025-62466 | No | No | | | Important | 7.8 | 6.8 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2025-62454 | No | No | | | Important | 7.8 | 6.8 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2025-62457 | No | No | | | Important | 7.8 | 6.8 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2025-62221 | No | Yes | | | Important | 7.8 | 6.8 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2025-62470 | No | No | | | Important | 7.8 | 6.8 |
| Windows DWM Core Library Elevation of Privilege Vulnerability | CVE-2025-64679 | No | No | | | Important | 7.8 | 6.8 |
| Windows DWM Core Library Elevation of Privilege Vulnerability | CVE-2025-64680 | No | No | | | Important | 7.8 | 6.8 |
| Windows Defender Firewall Service Information Disclosure Vulnerability | CVE-2025-62468 | No | No | | | Important | 4.4 | 3.9 |
| Windows DirectX Information Disclosure Vulnerability | CVE-2025-64670 | No | No | | | Important | 6.5 | 5.7 |
| Windows File Explorer Elevation of Privilege Vulnerability | CVE-2025-64658 | No | No | | | Important | 7.5 | 6.5 |
| Windows File Explorer Elevation of Privilege Vulnerability | CVE-2025-62565 | No | No | | | Important | 7.3 | 6.4 |
| Windows Hyper-V Denial of Service Vulnerability | CVE-2025-62567 | No | No | | | Important | 5.3 | 4.6 |
| Windows Installer Elevation of Privilege Vulnerability | CVE-2025-62571 | No | No | | | Important | 7.8 | 6.8 |
| Windows Projected File System Elevation of Privilege Vulnerability | CVE-2025-62461 | No | No | | | Important | 7.8 | 6.8 |
| Windows Projected File System Elevation of Privilege Vulnerability | CVE-2025-62462 | No | No | | | Important | 7.8 | 6.8 |
| Windows Projected File System Elevation of Privilege Vulnerability | CVE-2025-62464 | No | No | | | Important | 7.8 | 6.8 |
| Windows Projected File System Elevation of Privilege Vulnerability | CVE-2025-55233 | No | No | | | Important | 7.8 | 6.8 |
| Windows Projected File System Elevation of Privilege Vulnerability | CVE-2025-62467 | No | No | | | Important | 7.8 | 6.8 |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | CVE-2025-62472 | No | No | | | Important | 7.8 | 6.8 |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | CVE-2025-62474 | No | No | | | Important | 7.8 | 6.8 |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | CVE-2025-62456 | No | No | | | Important | 8.8 | 7.7 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVE-2025-62473 | No | No | | | Important | 6.5 | 5.7 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-62549 | No | No | | | Important | 8.8 | 7.7 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-64678 | No | No | | | Important | 8.8 | 7.7 |
| Windows Shell Elevation of Privilege Vulnerability | CVE-2025-64661 | No | No | | | Important | 7.8 | 6.8 |
| Windows Storage VSP Driver Elevation of Privilege Vulnerability | CVE-2025-64673 | No | No | | | Important | 7.8 | 6.8 |
| Windows Storage VSP Driver Elevation of Privilege Vulnerability | CVE-2025-59516 | No | No | | | Important | 7.8 | 6.8 |
| Windows Storage VSP Driver Elevation of Privilege Vulnerability | CVE-2025-59517 | No | No | | | Important | 7.8 | 6.8 |


Johannes B. Ullrich, Ph.D., Dean of Research, SANS.edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.