520/68 Friday, December 12, 2025
Microsoft has released its December 2025 Patch Tuesday security updates, addressing a total of 57 vulnerabilities across a wide range of products, including Windows and Windows Components, Office, Microsoft Edge (Chromium-based), Exchange Server, Azure, Copilot, PowerShell, and Windows Defender. Of these, three vulnerabilities are rated Critical, while the remaining issues are classified as Important. Among the vulnerabilities patched this month, one has been confirmed as actively exploited: CVE-2025-62221 (CVSS 7.8), a flaw in the Windows Cloud Files Mini Filter Driver that allows an attacker with existing access to perform privilege escalation to SYSTEM. Microsoft explicitly noted that “exploitation has been detected.”
In addition, two vulnerabilities were publicly disclosed prior to the release of patches:
- CVE-2025-64671 – A Remote Code Execution (RCE) vulnerability in GitHub Copilot for JetBrains, which allows attackers to execute commands on a local system via cross-prompt injection originating from untrusted files or MCP servers. A proof-of-concept (PoC) exploit has already been published.
- CVE-2025-54100 – A Remote Code Execution vulnerability in PowerShell, caused by the processing of embedded scripts in web pages when using the
Invoke-WebRequestcommand. Microsoft has added guidance recommending the use of the-UseBasicParsingparameter to reduce the risk of executing unintended scripts.
Microsoft stated that full details of all vulnerabilities addressed in the December 2025 security updates are available in the official monthly patch documentation, and strongly urged users and organizations to apply updates immediately to mitigate risks from critical vulnerabilities and those already being actively exploited.
