Article Details

Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws. Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday also addresses four "Critical" vulnerabilities, two of which are remote code execution vulnerabilities, one is an elevation of privileges, and the fourth is an information disclosure flaw. The number of bugs in each vulnerability category is listed below: When BleepingComputer reports on the Patch Tuesday security updates, we only count those released today by Microsoft. Therefore, the number of flaws does not include Microsoft Edge and Mariner vulnerabilities fixed earlier this month. Today is also the first extended security update (ESU) for Windows 10, so if you are still utilizing the unsupported operating system, it is strongly advised that you upgrade to Windows 11 or enroll in the ESU program. For those who are having issues enrolling in the program, Microsoft released an out-of-band update today to fix an bug that prevents enrollments. To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5066835 and KB5066793 updates. If you're facing delays, blind spots, or prioritization issues with Patch Tuesday updates, join our December 2 webinar with Action1 to learn how modern patch management helps you patch faster and reduce risk. 1 actively exploited zero-day This month's Patch Tuesday fixes one actively exploited zero-day flaw in the Windows Kernel. Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available. The exploited zero-days is: CVE-2025-62215 - Windows Kernel Elevation of Privilege Vulnerability Microsoft has patched a Windows Kernel flaw that was exploited to gain SYSTEM privilges on Windows devices. "Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally," explains Microsoft. Microsoft says that the flaw requires an attackers to win a race condition, upon which they receive SYSTEM privileges. Microsoft has attributed the flaw to Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC)  but has not shared how the flaw was exploited. Recent updates from other companies Other vendors who released updates or advisories in November 2025 include: The November 2025 Patch Tuesday Security Updates Below is the complete list of resolved vulnerabilities in the November 2025 Patch Tuesday updates. To access the full description of each vulnerability and the systems it affects, you can view the full report here. 7 Security Best Practices for MCP As MCP (Model Context Protocol) becomes the standard for connecting LLMs to tools and data, security teams are moving fast to keep these new services safe. This free cheat sheet outlines 7 best practices you can start using today.