Forum Discussion
Microsoft’s November 2025 Patch Tuesday Addresses 63 CVEs
Microsoft’s November 2025 Patch Tuesday Addresses 63 CVEs
On November 11, Microsoft released its November 2025 Patch Tuesday release which patched 63 CVEs with five rated as critical and 58 rated as important. This month's update included one vulnerability that was exploited in the wild as a zero-day. Elevation of privilege (EoP) vulnerabilities accounted for 46% of the vulnerabilities patched this month, followed by remote code execution (RCE) vulnerabilities at 25.4%.
CVE-2025-62215 is an elevation of privilege vulnerability in the Windows Kernel. It was assigned a CVSSv3 score of 7.0 and rated important. A local, authenticated attacker could exploit this vulnerability by winning a race condition in order to gain SYSTEM privileges. According to Microsoft, this vulnerability was exploited in the wild as a zero-day.
This month’s update includes patches for:
- Azure Monitor Agent
- Customer Experience Improvement Program (CEIP)
- Dynamics 365 Field Service (online)
- GitHub Copilot and Visual Studio Code
- Host Process for Windows Tasks
- Microsoft Configuration Manager
- Microsoft Dynamics 365 (on-premises)
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Streaming Service
- Microsoft Wireless Provisioning System
- Multimedia Class Scheduler Service (MMCSS)
- Nuance PowerScribe
- OneDrive for Android
- Role: Windows Hyper-V
- SQL Server
- Storvsp.sys Driver
- Visual Studio
- Visual Studio Code CoPilot Chat Extension
- Windows Administrator Protection
- Windows Ancillary Function Driver for WinSock
- Windows Bluetooth RFCOM Protocol Driver
- Windows Broadcast DVR User Service
- Windows Client-Side Caching (CSC) Service
- Windows Common Log File System Driver
- Windows DirectX
- Windows Kerberos
- Windows Kernel
- Windows License Manager
- Windows OLE
- Windows Remote Desktop
- Windows Routing and Remote Access Service (RRAS)
- Windows Smart Card
- Windows Speech
- Windows Subsystem for Linux GUI
- Windows TDX.sys
- Windows WLAN Service
For more information, please visit our blog.
