November 2025 Patch Tuesday: One Zero-Day and Five Critical Vulnerabilities Among 63 CVEs

This report summarizes multiple high-severity vulnerabilities disclosed in a Patch Tuesday bulletin, notably an actively exploited Windows kernel zero-day (CVE-2025-62215) enabling local privilege escalation to SYSTEM, a critical remote code execution flaw in GDI+ (CVE-2025-60724), and additional critical issues in Microsoft Office, DirectX, Visual Studio, and Nuance PowerScribe; it provides CVSS scores, exploitation characteristics, affected versions, and recommends mitigation and patch prioritization using the CrowdStrike Falcon platform.