Microsoft December 2025 Security Updates

Discussion in 'Software' started by NICK ADSL UK, Dec 9, 2025 at 1:25 PM.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    Microsoft December 2025 Security Updates

    This release consists of the following 57 Microsoft CVEs:
    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows PowerShell CVE-2025-54100
    Windows Projected File System CVE-2025-55233
    Windows Storage VSP Driver CVE-2025-59516
    Windows Storage VSP Driver CVE-2025-59517
    Windows Cloud Files Mini Filter Driver CVE-2025-62221
    Microsoft Edge for iOS CVE-2025-62223
    Windows Cloud Files Mini Filter Driver CVE-2025-62454
    Windows Message Queuing CVE-2025-62455
    Windows Resilient File System (ReFS) CVE-2025-62456
    Windows Cloud Files Mini Filter Driver CVE-2025-62457
    Windows Win32K - GRFX CVE-2025-62458
    Windows Projected File System Filter Driver CVE-2025-62461
    Windows Projected File System CVE-2025-62462
    Windows DirectX CVE-2025-62463
    Windows Projected File System CVE-2025-62464
    Windows DirectX CVE-2025-62465
    Windows Client-Side Caching (CSC) Service CVE-2025-62466
    Windows Projected File System CVE-2025-62467
    Windows Defender Firewall Service CVE-2025-62468
    Microsoft Brokering File System CVE-2025-62469
    Windows Common Log File System Driver CVE-2025-62470
    Windows Remote Access Connection Manager CVE-2025-62472
    Windows Routing and Remote Access Service (RRAS) CVE-2025-62473
    Windows Remote Access Connection Manager CVE-2025-62474
    Windows Routing and Remote Access Service (RRAS) CVE-2025-62549
    Azure Monitor Agent CVE-2025-62550
    Microsoft Office Access CVE-2025-62552
    Microsoft Office Excel CVE-2025-62553
    Microsoft Office CVE-2025-62554
    Microsoft Office Word CVE-2025-62555
    Microsoft Office Excel CVE-2025-62556
    Microsoft Office CVE-2025-62557
    Microsoft Office Word CVE-2025-62558
    Microsoft Office Word CVE-2025-62559
    Microsoft Office Excel CVE-2025-62560
    Microsoft Office Excel CVE-2025-62561
    Microsoft Office Outlook CVE-2025-62562
    Microsoft Office Excel CVE-2025-62563
    Microsoft Office Excel CVE-2025-62564
    Windows Shell CVE-2025-62565
    Windows Hyper-V CVE-2025-62567
    Microsoft Brokering File System CVE-2025-62569
    Windows Camera Frame Server Monitor CVE-2025-62570
    Windows Installer CVE-2025-62571
    Application Information Services CVE-2025-62572
    Windows DirectX CVE-2025-62573
    Windows Shell CVE-2025-64658
    Windows Shell CVE-2025-64661
    Microsoft Exchange Server CVE-2025-64666
    Microsoft Exchange Server CVE-2025-64667
    Microsoft Graphics Component CVE-2025-64670
    Copilot CVE-2025-64671
    Microsoft Office SharePoint CVE-2025-64672
    Storvsp.sys Driver CVE-2025-64673
    Windows Routing and Remote Access Service (RRAS) CVE-2025-64678
    Windows DWM Core Library CVE-2025-64679
    Windows DWM Core Library CVE-2025-64680

    We are republishing 13 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13630
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13631
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13632
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13633
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13634
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13635
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13636
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13637
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13638
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13639
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13640
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13720
    Chrome Microsoft Edge (Chromium-based) CVE-2025-13721

    Security Update Guide Blog Posts
    Date Blog Post
    October 31, 2025 You asked, we delivered: Introducing new features for an improved security experience
    October 28, 2025 Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know
    October 22, 2025 Toward greater transparency: Introducing machine-readable Vulnerability Exploitability Xchange (VEX) for Azure Linux and beyond
    November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files
    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5071413 Windows Server 2022 Hotpatch
    5072014 Windows Server 2025 Hotpatch
    5071504 Windows Server 2008 (Monthly Rollup)
    5071507 Windows Server 2008 (Security-only update)
    5071542 Windows Server 23H2
    5071547 Windows Server 2022
    5072033 Windows 11, version 24H2, Windows 11, version 25H2, Server 2025
    Released: Dec 9, 2025

    December 2025 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Dec 9, 2025 at 1:25 PM
    #1
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds