CISA has added a critical Windows zero-day vulnerability to its catalog, warning that CVE-2025-62221 is being actively exploited in attacks. The flaw affects the Windows Cloud Files Mini Filter Driver and allows attackers with initial access to escalate privileges and potentially take complete system control.
The use-after-free vulnerability enables authorized attackers to execute arbitrary code with elevated privileges. CISA added this threat to its catalog on December 9, 2025, with organizations required to remediate by December 30, 2025.
The compressed timeline reflects the severity of active exploitation. Organizations must immediately apply Microsoft mitigations or discontinue using affected systems until patches are available.
Source: Cybersecurity News