Microsoft security patch release for CVE-2025-62221
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft's December 2025 Patch Tuesday fixes 57 flaws, including CVE-2025-62221 and two publicly disclosed zero-days, reducing exposure to local privilege escalation and code execution. The release covers Windows Cloud Files Mini Filter Driver, GitHub Copilot for JetBrains, and PowerShell. Microsoft says the Windows flaw was actively exploited and could grant SYSTEM privileges. The bulletin also includes three Critical remote code execution vulnerabilities.
Related Happenings
Microsoft security patch release for CVE-2026-42824
Security Patch Release
H score30
First: 15.06.2026 16:00
Last: 15.06.2026 16:00
Sources 1
About this happening:
Microsoft's **fix for SearchLeak** in **Microsoft 365 Copilot Enterprise** closed a **critical** flaw tied to **CVE-2026-42824** that could expose **mailbox, OneDrive, and SharePo...
Microsoft security patch release for CVE-2026-42824
Security Patch ReleaseAbout this happening: Microsoft's **fix for SearchLeak** in **Microsoft 365 Copilot Enterprise** closed a **critical** flaw tied to **CVE-2026-42824** that could expose **mailbox, OneDrive, and SharePo...
Microsoft June 2026 Patch Tuesday (200 flaws, 3 zero-days)
Security Patch Release
H score37
First: 09.06.2026 20:57
Last: 09.06.2026 20:57
Sources 1
About this happening:
**Microsoft** released its **June 2026 Patch Tuesday**, delivering security updates for **200 flaws** and **three publicly disclosed zero-days** across Windows and related compone...
Microsoft June 2026 Patch Tuesday (200 flaws, 3 zero-days)
Security Patch ReleaseAbout this happening: **Microsoft** released its **June 2026 Patch Tuesday**, delivering security updates for **200 flaws** and **three publicly disclosed zero-days** across Windows and related compone...
Microsoft hit by cyberattack
Incident
H score68
First: 09.06.2026 18:42
Last: 09.06.2026 18:42
Sources 1
About this happening:
A **Microsoft** GitHub repository removal incident in **June 2026** disrupted **continuous integration pipelines** and briefly broke **Azure/functions-action** workflows used by d...
Microsoft hit by cyberattack
IncidentAbout this happening: A **Microsoft** GitHub repository removal incident in **June 2026** disrupted **continuous integration pipelines** and briefly broke **Azure/functions-action** workflows used by d...
Microsoft security patch release for CVE-2026-45659
Security Patch Release
H score23
First: 26.05.2026 14:49
Last: 26.05.2026 14:49
Sources 1
About this happening:
Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...
Microsoft security patch release for CVE-2026-45659
Security Patch ReleaseAbout this happening: Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...
Microsoft MDASH enters limited private preview for AI-driven vulnerability discovery at scale
Security Tool/Service
H score26
First: 13.05.2026 16:46
Last: 13.05.2026 16:46
Sources 1
About this happening:
Microsoft's **MDASH** has entered **limited private preview**, adding a new **AI-driven vulnerability discovery** service that can validate and prove exploitable defects at scale....
Microsoft MDASH enters limited private preview for AI-driven vulnerability discovery at scale
Security Tool/ServiceAbout this happening: Microsoft's **MDASH** has entered **limited private preview**, adding a new **AI-driven vulnerability discovery** service that can validate and prove exploitable defects at scale....
Timeline
-
09.12.2025 20:38 2 articles · 7mo ago
Microsoft December 2025 Patch Tuesday release
Initial DisclosureMicrosoft's December 2025 Patch Tuesday resolves 57 flaws, including CVE-2025-62221, an actively exploited Windows Cloud Files Mini Filter Driver elevation-of-privilege vulnerability, and two publicly disclosed zero-days, CVE-2025-64671 in GitHub Copilot for Jetbrains and CVE-2025-54100 in PowerShell.
Show sources
- Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws — www.bleepingcomputer.com — 09.12.2025 20:38
- Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws — www.bleepingcomputer.com — 09.12.2025 20:38
-
09.12.2025 20:38 1 articles · 7mo ago
Technical details for the December 2025 zero-days
Technical Analysis UpdateMicrosoft says CVE-2025-62221 in Windows Cloud Files Mini Filter Driver is a use-after-free that lets an authorized attacker elevate privileges locally to SYSTEM, CVE-2025-64671 in GitHub Copilot for Jetbrains can be abused through malicious Cross Prompt Injection in untrusted files or MCP servers to execute additional commands locally, and CVE-2025-54100 in PowerShell can run script code when Invoke-WebRequest retrieves web content unless -UseBasicParsing is used.
Show sources
- Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws — www.bleepingcomputer.com — 09.12.2025 20:38