Microsoft Patches Actively Exploited Zero-Day in December Update

Microsoft patches 57 vulnerabilities, including a zero-day exploit. Key updates involve PowerShell, GitHub Copilot, and Windows Cloud Files.

By Content Team

Dec 10, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Microsoft released patches for 57 vulnerabilities this month, including one zero-day bug that attackers are already exploiting. CVE-2025-62221 affects Windows Cloud Files Mini Filter Driver and lets attackers escalate privileges to system-level access once they're inside a network.

Two other flaws have public proof-of-concept exploits available: a PowerShell remote code execution bug and a GitHub Copilot vulnerability affecting JetBrains tools. Security experts say the Copilot flaw could let attackers use AI prompt injections to access development environments.

This December update is much lighter than earlier releases—Microsoft patched over 1,150 vulnerabilities in 2025, making it one of their busiest years ever.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

CitrixBleed 2 and Cisco Zero-Day Exploits Hit Organizations Before Patches Released

Nov 13, 2025

St. Anthony Hospital Data Breach Exposes 6,600+ Patients and Staff

Nov 23, 2025

SonicWall Blames Nation-State for Customer Portal Breach

Nov 6, 2025

Nissan Data Breach Exposed Social Security Numbers of 53,000 Employees

Dec 15, 2025