Microsoft's December Security Update Of High-Risk Vulnerability Notice For Multiple Products
Security Boulevard, December 11,2025
On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution.
Among the vulnerabilities fixed by Microsoft's monthly update this month, there are 3 critical vulnerabilities and 53 important (Important) vulnerabilities. These include 3 0day vulnerabilities:
Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability (CVE-2025-62221)
GitHub Copilot for Jetbrains Remote Code Execution Vulnerability (CVE-2025-64671)
PowerShell Remote Code Execution Vulnerability (CVE-2025-54100)
Please update the patch as soon as possible for protection. For a complete list of vulnerabilities, please refer to the appendix.