On December 9, Microsoft released its December 2025 Patch Tuesday release, the final Patch Tuesday update of the year. This month’s update addresses 56 CVEs with three rated as critical and 53 rated as important. This month's update included one vulnerability that was exploited in the wild as a zero-day as well as two vulnerabilities publicly disclosed prior to patches being made available. Elevation of privilege (EoP) vulnerabilities accounted for 50% of the vulnerabilities patched this month, followed by remote code execution (RCE) vulnerabilities at 33.9%.

CVE-2025-62221 is an EoP vulnerability in the Windows Cloud Files Mini Filter Driver. It was assigned a CVSSv3 score of 7.8 and rated as important. A local, authenticated attacker could exploit this vulnerability to elevate to SYSTEM privileges. According to Microsoft, this vulnerability was exploited in the wild as a zero-day.

The two zero-days which were publicly disclosed prior to patches being released are CVE-2025-64671 and CVE-2025-54100. CVE-2025-64671 is a RCE vulnerability in the GitHub Copilot Plugin for JetBrains Integrated Development Environments (IDEs). CVE-2025-54100 is a RCE vulnerability in Windows PowerShell.

This month’s update includes patches for:

• Application Information Services
• Azure Monitor Agent
• Copilot
• Microsoft Brokering File System
• Microsoft Edge for iOS
• Microsoft Exchange Server
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office Access
• Microsoft Office Excel
• Microsoft Office Outlook
• Microsoft Office SharePoint
• Microsoft Office Word
• Storvsp.sys Driver
• Windows Camera Frame Server Monitor
• Windows Client-Side Caching (CSC) Service
• Windows Cloud Files Mini Filter Driver
• Windows Common Log File System Driver
• Windows DWM Core Library
• Windows Defender Firewall Service
• Windows DirectX
• Windows Hyper-V
• Windows Installer
• Windows Message Queuing
• Windows PowerShell
• Windows Projected File System
• Windows Projected File System Filter Driver
• Windows Remote Access Connection Manager
• Windows Resilient File System (ReFS)
• Windows Routing and Remote Access Service (RRAS)
• Windows Shell
• Windows Storage VSP Driver
• Windows Win32K - GRFX

For more information, please visit our blog.