Microsoft November 2025 Patch Tuesday Fixes 1 Zero-Day, 63 Flaws
Summary:
As part of the Microsoft November Patch Tuesday, the vendor issued security updates to address 63 flaws, including one actively exploited zero-day. Of the 63 flaws addressed, there were 29 Elevation of Privilege Vulnerabilities, 2 Security Feature Bypass Vulnerabilities, 16 Remote Code Execution Vulnerabilities, 11 Information Disclosure Vulnerabilities, 3 Denial of Service Vulnerabilities, and 2 Spoofing Vulnerabilities. Four flaws have been rated critical, which could allow actors to execute code remotely, elevate privileges, and access sensitive information:
- CVE-2025-62199: Microsoft Office Remote Code Execution Vulnerability
- CVE-2025-30398: Nuance PowerScribe 360 Information Disclosure Vulnerability
- CVE-2025-62214: Visual Studio Remote Code Execution Vulnerability
- CVE-2025-60716: DirectX Graphics Kernel Elevation of Privilege Vulnerability
Other vendors that released security updates or advisories in November 2025 include:
- Adobe released security updates for InDesign, InCopy, Photoshop, Illustrator, Substance 3D, Pass, and Adobe Format.
- Cisco released patches for multiple products, including Cisco ASA, Unified Contact Center, and Identity services. Cisco also warned this month that a new attack was discovered exploiting older flaws.
- expr-eval developers released patches to fix a critical RCE in the JavaScript library.
- Fortinet released a security update for a medium-severity elevation of privileges flaw in FortiOS.
- Google released Android's November security bulletin with fixes for two vulnerabilities.
- Ivanti released security patches as part of its November 2025 Patch Tuesday updates.
- runC security updates fix flaws allowing attackers to escape Docker and Kubernetes containers.
- QNAP released security updates for seven zero-day vulnerabilities exploited to hack network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 hacking contest.
- SAP released the November security updates for multiple products, including a fix for a 10/10 hardcoded credentials flaw in SQL Anywhere Monitor.
- Samsung released its November security updates with fixes for 25 flaws.
The zero-day fixed by Microsoft is being tracked as CVE-2025-62215. CVE-2025-62215 is a Windows Kernel flaw that enables actors to gain SYSTEM privileges on targeted systems. The vulnerability stems from a race condition wherein concurrent execution using a shared resource occurs without proper synchronization. By exploiting this condition, actors could elevate their privileges locally, effectively gaining full control over the affected system.
Although Microsoft stated it is aware of attacks in the wild leveraging CVE-2025-62215, it has not shared the details of these intrusions. To prevent further exploitation, the vendor recommends users apply the updates released as soon as possible.
Suggested Corrections:
Organizations should review the list of vulnerabilities resolved and apply the relevant patches as needed. To access the full list of vulnerabilities addressed, please use the link below:
https://www.bleepingcomputer.com/mi...ts/Microsoft-Patch-Tuesday-November-2025.html
Link(s):
https://www.bleepingcomputer.com/ne...2025-patch-tuesday-fixes-1-zero-day-63-flaws/