Advertisement
Subscribe to our daily newsletter.
Subscribe

Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day

Microsoft closed out the year with 1,139 total defects patched, making it the second-largest year in volume behind 2020, according to Trend Micro.

By

Listen to this article
0:00
Learn more. This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.
Microsoft Headquarters
A sign is seen at the Microsoft headquarters on July 3, 2024, in Redmond, Washington. (David Ryder/Getty Images)

Microsoft addressed 57 vulnerabilities affecting its various products for business operations and core systems, including one actively exploited zero-day, the company said in its latest monthly security update.

The zero-day vulnerability — CVE-2025-62221 — affects the Windows Cloud Files Mini Filter Driver and has a CVSS rating of 7.8. Attackers could exploit the use-after-free defect to gain system privileges, Microsoft said. 

“These types of bugs are often combined with a code execution bug to take over a system,” Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, said in a blog post, adding that the vulnerability appears to affect every supported version of Windows.

The Cybersecurity and Infrastructure Security Agency added the zero-day to its known exploited vulnerabilities catalog Tuesday. 

Advertisement

Microsoft’s final Patch Tuesday release of the year brings the total number of vulnerabilities patched by the vendor in 2025 to 1,139 CVEs, according to Childs. “This makes 2025 the second-largest year in volume, trailing 2020 by a mere 11 CVEs. As Microsoft’s portfolio continues to increase and as AI bugs become more prevalent, this number is likely to go higher in 2026,” he said.

Microsoft disclosed no critical vulnerabilities this month. The most severe defects it disclosed include five high-severity vulnerabilities — CVE-2025-62456 and CVE-2025-64678 affecting the Windows Resilient File System, CVE-2025-62549 affecting the Windows Routing and Remote Access Service, CVE-2025-62550 affecting the Azure Monitor Agent, CVE-2025-64672 affecting Microsoft Office SharePoint — each with CVSS ratings of 8.8.

Microsoft flagged six vulnerabilities as more likely to be exploited this month, including the zero-day, CVE-2025-59516 and CVE-2025-59517 affecting the Windows Storage VSP Driver, CVE-2025-62458 affecting Windows Win32K, CVE-2025-62470 affecting the Windows Common Log File System Driver and CVE-2025-62472 affecting the Windows Remote Access Connection Manager.

The full list of vulnerabilities addressed this month is available in Microsoft’s Security Response Center.

Advertisement
Advertisement

More Like This

Advertisement

Top Stories

Advertisement

More Scoops

Latest Podcasts

What happens if CISA 2015 lapses?

Breaking down the latest era of Chinese cyberespionage with Booz Allen’s Nate Beach-Westmoreland

How Visa’s CISO turns a ‘paranoid and pessimisitic mindset’ into positive security outcomes

What security teams should do to prepare for the quantum computing future

Government

Technology

Threats

Policy