2025年12月11日星期四

Microsoft Monthly Security Update (December 2025)

Microsoft Monthly Security Update (December 2025)

Release Date: 10 Dec 2025

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
BrowserLow Risk Low RiskSpoofing 
WindowsMedium Risk Medium RiskElevation of Privilege
Remote Code Execution
Information Disclosure
Denial of Service		CVE-2025-62221 is being exploited in the wild.. This vulnerability exist in Windows Cloud Files Mini Filter Driver. Successful exploitation of this vulnerability could allow a local authorized attacker to elevate privileges on the affected system.  Hence, the risk level of this vulnerability is rated as Medium Risk. 
Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Information Disclosure
Remote Code Execution
Spoofing
Denial of Service		 
Microsoft OfficeMedium Risk Medium RiskRemote Code Execution
Spoofing		 
Server SoftwareMedium Risk Medium RiskSpoofing
Elevation of Privilege		 
AzureMedium Risk Medium RiskRemote Code Execution 
OtherMedium Risk Medium RiskRemote Code Execution 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 6

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': Medium Risk

Impact

  • Remote Code Execution
  • Denial of Service
  • Information Disclosure
  • Elevation of Privilege
  • Spoofing

System / Technologies affected

  • Azure
  • Browser
  • Extended Security Updates (ESU)
  • Microsoft Office
  • Server Software
  • Windows
  • Other

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier

Source

Related Link

沒有留言:

發佈留言

訂閱: 發佈留言 (Atom)

蘋果產品多個漏洞

蘋果產品多個漏洞 發佈日期: 2025年12月15日 風險: 極高度風險 類型: 操作系統 - 流動裝置及操作系統 於蘋果產品發現多個漏洞。遠端...