Microsoft’s November 2025 update fixes over 60 flaws, including Windows kernel zero-day
Microsoft has released its November 2025 Patch Tuesday updates, addressing more than 60 security vulnerabilities across its product lineup, including an actively exploited zero-day issue.
The said zero-day flaw, tracked as CVE-2025-62215, is a Windows kernel elevation of privilege vulnerability, which exists due to a race condition within the OS kernel. It has been exploited in the wild to gain SYSTEM-level privileges on affected Windows devices.
The company credited the discovery of the flaw to the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) but did not disclose details on how the vulnerability was being exploited in real-world attacks.
November 2025 Patch Tuesday also covers multiple remote code execution vulnerabilities across Windows, Office, Azure, and other Microsoft products. Users and system administrators are strongly advised to apply the updates as soon as possible to mitigate the risk of exploitation.
