Microsoft issues patches for 56 security flaws – all ‘important’ severity or above

  • Microsoft Patch Tuesday fixes 56 vulnerabilities, including one actively exploited zero-day
  • Key flaws: CVE-2025-62221 privilege escalation, Copilot RCE, PowerShell Invoke-WebRequest RCE
  • Updates bring Copilot UI tweaks, File Explorer fixes, and PowerShell warnings

Microsoft has released this month’s Patch Tuesday cumulative update, fixing a total of 56 vulnerabilities found across the Windows ecosystem. All of the bugs are labeled at least ‘important’ in severity, and one of them is being actively exploited in the wild as a zero-day.

In the security advisory, which lists all of the vulnerabilities fixed, Microsoft said it addressed a use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver that allows threat actors to locally elevate privileges.

This vulnerability, which is allegedly exploited in the wild already, is now tracked as CVE-2025-62221, and has a severity score of 7.8/10 (high).


Privilege escalation fixes and UI improvements

Commenting on the news, Kev Breen, Senior Director of Cyber Threat Research at Immersive, hinted it was about time Microsoft fixed it: “This isn’t the first time we have seen this component being actively exploited in recent years, with several other CVEs affecting this component,” he said in a statement shared with TechRadar Pro.

Another notable bug is a remote code execution flaw in GitHub Copilot for JetBrains. Tracked as CVE-2025-64671, and rated 8.4/10 (high), this flaw allows threat actors to inject malicious commands via cross-prompt injection. The caveat is that the exploit must be triggered locally.

There is also an improper command sanitization vulnerability in Invoke-WebRequest, which leads to PowerShell remote code execution (RCE). This bug, tracked as CVE-2025-54100, and given a severity score of 7.8/10 (high), allows an attacker who already has local (or user-level) access to execute arbitrary code with that user’s privileges.

The majority of other vulnerabilities are privilege escalation flaws affecting different Windows components. Microsoft also introduced multiple bug fixes and feature improvements, such as tweaks to the Copilot user interface, bug fixes in File Explorer, and execution warnings in PowerShell 5.1.
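The check most administrators want after reading a Patch Tuesday summary is whether a given host actually has the cumulative update installed. The script below is an added example, not code from the article or from Microsoft: it reports the OS build revision (UBR), whether a named KB appears in the installed hotfix list, and which PowerShell version is in use, since the article notes the update adds execution warnings for PowerShell 5.1. The KB number and expected UBR are placeholders because the article does not list them; take the real values for your OS version from Microsoft's advisory.

```powershell
# Added example (not from the TechRadar article or Microsoft): report whether this
# month's cumulative update is present on the local Windows host.
# Both parameters are PLACEHOLDERS; the article gives neither the KB nor the build.
param(
    [string]$ExpectedKB  = 'KB0000000',   # placeholder: the December 2025 CU KB for this OS
    [int]   $ExpectedUbr = 0              # placeholder: the UBR (build revision) that CU installs
)

# Build number and revision come from the registry; the UBR is the most reliable
# indicator of a cumulative update because Get-HotFix can lag or omit some entries.
$cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = "$($cv.CurrentBuildNumber).$($cv.UBR)"

# Win32_QuickFixEngineering (what Get-HotFix wraps) lists installed KBs by ID.
$hotfix = Get-HotFix -ErrorAction SilentlyContinue |
          Where-Object { $_.HotFixID -eq $ExpectedKB }

[pscustomobject]@{
    ComputerName      = $env:COMPUTERNAME
    OSBuild           = $build
    KBInstalled       = [bool]$hotfix
    InstalledOn       = if ($hotfix) { $hotfix.InstalledOn } else { $null }
    UbrAtOrAbove      = ($cv.UBR -ge $ExpectedUbr)
    PowerShellVersion = $PSVersionTable.PSVersion.ToString()
    RunningPS51       = ($PSVersionTable.PSVersion.Major -eq 5)
}
```

Run it in an elevated session so `Get-HotFix` sees the full list. Treat `UbrAtOrAbove` as the authoritative result once you have filled in the real revision; `KBInstalled` is a secondary confirmation, and `RunningPS51` flags hosts where the new PowerShell 5.1 execution warnings will appear.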

Via The Hacker News
