Microsoft Patch Tuesday – December 2025

Outpost24’s December 2025 Patch Tuesday summary reports 57 Microsoft vulnerabilities addressed, including three zero-days (one actively exploited). Notable fixes include a use-after-free in the Windows Cloud Files Mini Filter Driver (CVE-2025-62221) enabling local privilege escalation and improper input handling in Copilot and PowerShell (CVE-2025-64671, CVE-2025-54100) allowing local code execution; organisations are advised to promptly apply updates.