Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability that has been actively exploited in the wild.
Of the 56 flaws, three are rated Critical, and 53 are rated Important in severity. Two other defects are listed as publicly known at the time of the release. These include 29 privilege escalation, 18 remote code execution, four information disclosure, three denial-of-service, and two spoofing vulnerabilities.
In total, Microsoft has addressed 1,275 CVEs in 2025, according to data compiled by Fortra. Tenable's Satnam Narang said 2025 also marks the second consecutive year in which the Windows maker has patched over 1,000 CVEs. It's the third time it has done so since Patch Tuesday's inception.
The update is in addition to 17 shortcomings the tech giant patched in its Chromium-based Edge browser since the release of the November 2025 Patch Tuesday update. This also consists of a spoofing vulnerability in Edge for iOS (CVE-2025-62223, CVSS score: 4.3).
The vulnerability that has come under active exploitation is CVE-2025-62221 (CVSS score: 7.8), a use-after-free in the Windows Cloud Files Mini Filter Driver that could allow an authorized attacker to elevate privileges locally and obtain SYSTEM permissions.
"File system filter drivers, aka minifilters, attach to the system software stack, and intercept requests targeted at a file system, and extend or replace the functionality provided by the original target," Adam Barnett, lead software engineer at Rapid7, said in a statement. "Typical use cases include data encryption, automated backup, on-the-fly compression, and cloud storage."
"The Cloud Files minifilter is used by OneDrive, Google Drive, iCloud, and others, although as a core Windows component, it would still be present on a system where none of those apps were installed."
It's currently not known how the vulnerability is being abused in the wild and in what context, but successful exploitation requires an attacker to obtain access to a susceptible system through some other means. Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have been credited with discovering and reporting the flaw.
According to Mike Walters, president and co-founder of Action1, a threat actor could gain low-privileged access through methods like phishing, web browser exploits, or another known remote code execution flaw, and then chain it with CVE-2025-62221 to seize control of the host.
Armed with this access, the attacker could deploy kernel components or abuse signed drivers to evade defenses and maintain persistence, and the flaw can be weaponized to achieve a domain-wide compromise when coupled with credential theft scenarios.
The exploitation of CVE-2025-62221 has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to the Known Exploited Vulnerabilities (KEV) catalog, mandating Federal Civilian Executive Branch (FCEB) agencies to apply the patch by December 30, 2025.
The remaining two zero-days are listed below -
- CVE-2025-54100 (CVSS score: 7.8) - A command injection vulnerability in Windows PowerShell that allows an unauthorized attacker to execute code locally
- CVE-2025-64671 (CVSS score: 8.4) - A command injection vulnerability in GitHub Copilot for JetBrains that allows an unauthorized attacker to execute code locally
"This is a command injection flaw in how Windows PowerShell processes web content," Action1's Alex Vovk said about CVE-2025-54100. "It lets an unauthenticated attacker execute arbitrary code in the security context of a user who runs a crafted PowerShell command, such as Invoke-WebRequest."
"The threat becomes significant when this vulnerability is combined with common attack patterns. For example, an attacker can use social engineering to persuade a user or admin to run a PowerShell snippet using Invoke-WebRequest, allowing a remote server to return crafted content that triggers the parsing flaw and leads to code execution and implant deployment."
It's worth noting that CVE-2025-64671 comes in the wake of a broader set of security vulnerabilities collectively named IDEsaster that was recently disclosed by security researcher Ari Marzouk. The issues arise as a result of adding agentic capabilities to an integrated development environment (IDE), exposing new security risks in the process.
These attacks leverage prompt injections against the artificial intelligence (AI) agents embedded into IDEs and combine them with the base IDE layer to result in information disclosure or command execution.
"This uses an 'old' attack chain of using a vulnerable tool, so not exactly part of the IDEsaster novel attack chain," Marzouk, who is credited with discovering and reporting the flaw, told The Hacker News. "Specifically, a vulnerable 'execute command' tool where you can bypass the user-configured allow list."
Marzouk also said multiple IDEs were found vulnerable to the same attack, including Kiro.dev, Cursor (CVE-2025-54131), JetBrains Junie (CVE-2025-59458), Gemini CLI, Windsurf, and Roo Code (CVE-2025-54377, CVE-2025-57771, and CVE-2025-65946). Furthermore, GitHub Copilot for Visual Studio Code has been found to be susceptible to the vulnerability, although, in this case, Microsoft assigned it a "Medium" severity rating with no CVE.
"The vulnerability states that it's possible to gain code execution on affected hosts by tricking the LLM into running commands that bypass the guardrails and appending instructions in the user's 'auto-approve' settings," Kev Breen, senior director of cyber threat research at Immersive, said.
"This can be achieved through 'Cross Prompt Injection,' which is where the prompt is modified not by the user but by the LLM agents as they craft their own prompts based on the content of files or data retrieved from a Model Context Protocol (MCP) server that has risen in popularity with agent-based LLMs."
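The allow-list bypass that Marzouk and Breen describe comes down to how an agent's "execute command" tool validates a command string before running it. The following is an added illustrative example, not code from GitHub Copilot, Cursor, Junie, Roo Code or any other product named above, and it assumes nothing about their actual implementations: a hypothetical naive checker that prefix-matches a raw shell string (a common weak pattern) is shown beside a hardened checker that parses the command into argv, rejects any token a shell would treat as a chaining, substitution or redirection operator, requires an exact match against the user's allow list, and never hands the string to a shell. The allow-list entries and the test command are constructed.

```python
"""Illustrative 'execute command' tool allow-list check.

Added example; not code from any IDE or agent named in the article. The
naive checker is a hypothetical implementation chosen to show the
weakness class; the hardened checker shows the defensive pattern.
"""
import shlex
import subprocess

# Constructed allow list: commands the user agreed the agent may run unprompted.
ALLOW_LIST = ["git status", "git diff", "npm test"]

# Characters that let a shell run something other than the first program
# (chaining, pipes, substitution, grouping, redirection). Any token that
# contains one cannot be treated as "one of the allowed commands".
SHELL_METACHARS = set(";|&`$<>(){}\n")


def naive_is_allowed(command: str, allow_list=ALLOW_LIST) -> bool:
    """Hypothetical weak check: accept any raw string that starts with an allowed entry.

    If the whole string is later handed to a shell, "git status; <anything>"
    passes the check and the shell runs <anything> as well.
    """
    return any(command.startswith(entry) for entry in allow_list)


def hardened_is_allowed(command: str, allow_list=ALLOW_LIST) -> bool:
    """Parse the command into argv and require an exact match with an allowed entry.

    - Unparseable input (e.g. unbalanced quotes) is rejected.
    - Any token containing a shell metacharacter is rejected, so chaining
      operators cannot smuggle in a second program.
    - Exact argv equality means extra flags are not auto-approved either;
      they fall through to an explicit user prompt.
    """
    try:
        argv = shlex.split(command)
    except ValueError:
        return False
    if not argv:
        return False
    if any(SHELL_METACHARS & set(tok) for tok in argv):
        return False
    return any(argv == shlex.split(entry) for entry in allow_list)


def run_if_allowed(command: str, allow_list=ALLOW_LIST):
    """Execute only after the hardened check, and never through a shell.

    shell=False passes argv elements to the program verbatim; there is no
    shell left to interpret ';' or '&&' even if a check were wrong.
    Returns None when the command is not auto-approved.
    """
    if not hardened_is_allowed(command, allow_list):
        return None
    return subprocess.run(shlex.split(command), shell=False,
                          capture_output=True, text=True)


if __name__ == "__main__":
    poisoned = "git status; echo pwned"  # constructed chained command
    print("naive   :", naive_is_allowed(poisoned))     # True  (bypassed)
    print("hardened:", hardened_is_allowed(poisoned))  # False (blocked)
```

The design choice worth noting is that the hardened path never relies on the allow list alone: even if an attacker managed to append an entry to the user's auto-approve settings, as Breen describes, the metacharacter check and `shell=False` still prevent one approved command string from running a second program. Relaxing exact argv matching to allow extra arguments is possible, but then per-program argument review is needed, since many tools accept options that write files or run subcommands.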
Software Patches from Other Vendors
In addition to Microsoft, security updates have also been released by other vendors over the past several weeks to rectify multiple vulnerabilities, including —
- Adobe
- Amazon Web Services
- AMD
- Arm
- ASUS
- Atlassian
- Bosch
- Broadcom (including VMware)
- Canon
- Cisco
- Citrix
- CODESYS
- Dell
- Devolutions
- Django
- Drupal
- F5
- Fortinet
- Fortra
- GitLab
- Google Android and Pixel
- Google Chrome
- Google Cloud
- Google Pixel Watch
- Hitachi Energy
- HP
- HP Enterprise (including Aruba Networking and Juniper Networks)
- IBM
- Imagination Technologies
- Intel
- Ivanti
- Lenovo
- Linux distributions AlmaLinux, Alpine Linux, Amazon Linux, Arch Linux, Debian, Gentoo, Oracle Linux, Mageia, Red Hat, Rocky Linux, SUSE, and Ubuntu
- MediaTek
- Mitsubishi Electric
- MongoDB
- Moxa
- Mozilla Firefox and Firefox ESR
- NVIDIA
- OPPO
- Progress Software
- Qualcomm
- React
- Rockwell Automation
- Samsung
- SAP
- Schneider Electric
- Siemens
- SolarWinds
- Splunk
- Synology
- TP-Link
- WatchGuard
- Zoom, and
- Zyxel