CyberMaterial

Microsoft Fixes Dozens Of Security Flaws

December 10, 2025

Microsoft wrapped up 2025 by releasing patches for 56 security vulnerabilities across various products within the Windows platform. This final update of the year addresses one vulnerability that was being actively exploited in the wild. Overall, the flaws consist of 29 privilege escalation, 18 remote code execution, four information disclosure, three denial-of-service, and two spoofing issues. According to Fortra, Microsoft addressed a total of 1,275 CVEs in 2025, marking the second consecutive year, and the third time overall since Patch Tuesday began, that the company patched over 1,000 CVEs.

The vulnerability under active exploitation is CVE-2025-62221, a use-after-free defect in the Windows Cloud Files Mini Filter Driver. This flaw, which has a CVSS score of 7.8, could allow an authorized attacker to elevate privileges locally to obtain SYSTEM permissions. File system filter drivers, or minifilters, intercept file system requests and are typically used for functions like cloud storage, encryption, or backup. The Cloud Files minifilter is a core Windows component used by services like OneDrive and Google Drive, and its presence is not dependent on those applications being installed.

Successful exploitation of CVE-2025-62221 requires an attacker to first gain access to a susceptible system through other means, such as phishing or web browser exploits. Once low-privileged access is obtained, this flaw can be chained with the initial compromise to seize control of the host, allowing the attacker to deploy kernel components or abuse signed drivers to maintain persistence and potentially achieve a domain-wide compromise. Due to its active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities catalog, requiring federal agencies to apply the patch by December 30, 2025.

In addition to the actively exploited flaw, two other zero-days were disclosed, both command injection vulnerabilities. The first, CVE-2025-54100 (CVSS score: 7.8), is in Windows PowerShell and allows an unauthenticated attacker to execute arbitrary code in the security context of a user who runs a crafted PowerShell command, such as Invoke-WebRequest. The threat is significant when an attacker uses social engineering to trick a user into running the vulnerable command. The second, CVE-2025-64671 (CVSS score: 8.4), affects GitHub Copilot for JetBrains and allows an unauthorized attacker to execute code locally. This vulnerability is related to a broader set of security risks, collectively named IDEsaster, arising from adding AI agentic capabilities to integrated development environments (IDEs).

The GitHub Copilot vulnerability leverages prompt injections against the embedded AI agents, tricking the large language model into running commands that bypass guardrails by appending instructions in the user’s auto-approve settings. This is achieved through a technique called Cross Prompt Injection, where the AI agent modifies the prompt based on file content or data from a Model Context Protocol server. Multiple IDEs were found vulnerable to similar attacks. This final security update also covers 17 flaws patched in the Chromium-based Edge browser since the November update, including a spoofing vulnerability in Edge for iOS.

Reference:

  • Microsoft Releases Security Updates For 56 Flaws Including Active Exploit And Zero Days