Microsoft’s Latest Patch Tuesday Update Fixes a Zero-Day Vulnerability
The zero-day is actively exploited.
Microsoft released its latest Patch Tuesday update for Windows on Tuesday, Nov. 11. This update comes with 63 patches for Windows flaws, including a patch for a zero-day vulnerability. Importantly, according to Microsoft, the company is aware that this zero-day has been actively exploited.
Taken together, the flaws in this Patch Tuesday update include the following:
- 29 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 16 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
While all updates are important to patch as soon as possible, the most important patch is for the zero-day vulnerability. A zero-day is a flaw that is either publicly disclosed or actively exploited before the developer is able to patch it. In this case, this zero-day does have a known exploit, which puts users without the patch in jeopardy.
The zero-day in question, tracked as CVE-2025-62215, is a Windows Kernel elevation of privilege vulnerability, which can be exploited to gain SYSTEM privileges on PCs.
As this update contains a serious patch, it is important to update your PC to the latest software version. You’ll find the option in Start > Settings > Windows Update.
Share This
