TL;DR

Microsoft released fixes for more than 60 vulnerabilities across Windows and related products in the November 2025 Patch Tuesday cycle, including an actively exploited zero-day (CVE-2025-62215). Patches cover Windows, Office, SharePoint, SQL Server, Visual Studio, GitHub Copilot and Azure Monitor Agent. Windows 10 users enrolling in the Consumer Extended Security Update (ESU) program should also install the out-of-band enrollment fix (KB5071959) before the November cumulative update.

What happened

On Patch Tuesday in November 2025 Microsoft issued security updates addressing over 60 vulnerabilities affecting Windows and a range of Microsoft products. The company patched an actively exploited zero-day, CVE-2025-62215, a memory-corruption bug that Microsoft rated "important" rather than critical because an attacker must already have access to the target device before it can be exploited.

Among the more severe fixes are a critical flaw in the GDI+ graphics library (CVE-2025-60274, CVSS 9.8) and a critical Office remote-code-execution bug (CVE-2025-62199) that can be triggered merely by viewing a malicious message in the Preview Pane, with no need to open the attachment.

Microsoft also released an out-of-band update, KB5071959, to resolve enrollment problems with the Windows 10 Consumer Extended Security Update (ESU) program. It should be applied first so those devices can enroll for the extra year of updates and then receive subsequent patches such as the November cumulative update KB5068781. Third-party vendors including Adobe and Mozilla have also published updates, and a Google Chrome update is expected; Microsoft Edge, which is built on Chromium, will need the corresponding fix.

Why it matters

  • An actively exploited zero-day was fixed, meaning attackers had already used CVE-2025-62215 in the wild before the patch shipped.
  • The CVSS 9.8 GDI+ flaw sits in a graphics library shared by many applications and services, so a single bug exposes a wide range of software.
  • The Office RCE requires no user interaction beyond viewing a crafted message, so the Preview Pane is enough to trigger it; users who rely on email previews are exposed.
  • Windows 10 is still affected even though general support ended in October 2025; only users who enroll in the Consumer ESU keep receiving patches, and enrollment currently depends on the KB5071959 fix.

Key facts

  • Microsoft addressed more than 60 vulnerabilities in this update cycle.
  • Zero-day CVE-2025-62215 is a memory-corruption bug that Microsoft classed as "important" rather than critical because an attacker needs existing access to the device to exploit it.
  • CVE-2025-60274 is a critical vulnerability (CVSS 9.8) in GDI+, a core Windows graphics component used by many apps.
  • CVE-2025-62199 is a critical Office remote-code-execution flaw exploitable via the Preview Pane.
  • Affected products include Windows, Office, SharePoint, SQL Server, Visual Studio, GitHub Copilot, and Azure Monitor Agent.
  • Microsoft released KB5071959 to fix enrollment issues for the Windows 10 Consumer Extended Security Update (ESU) program.
  • Users enrolling in the Consumer ESU should install KB5071959 before applying other Windows 10 updates such as KB5068781.
  • Third-party updates from Adobe and Mozilla have already been released; a Google Chrome update is expected soon.
  • SANS Internet Storm Center provides an indexed breakdown of individual Microsoft fixes by severity and CVSS score.
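As an added practitioner check, not code from the article or from Microsoft: the PowerShell script below reports whether a Windows 10 PC already has the ESU enrollment fix (KB5071959) and the November cumulative update (KB5068781), and flags the ordering the article recommends. Two things in it are assumptions of mine rather than facts from the page: Windows 10 is identified by its build number (below 22000, since Windows 11 starts at 22000), and Windows Update history is merged with Get-HotFix because the latter omits some update types. The script does not inspect ESU enrollment state itself, because the article gives no way to query it.

```powershell
# Added example for this digest (not from the article). Run in an elevated
# Windows PowerShell 5.1+ session on the Windows 10 machine being checked.
# Assumptions: build < 22000 means Windows 10; Windows Update history is a
# reliable second source of installed KB IDs. ESU enrollment is not queried.

$EnrollmentFix = 'KB5071959'   # out-of-band Consumer ESU enrollment fix
$NovemberCU    = 'KB5068781'   # November 2025 Windows 10 cumulative update

function Get-InstalledKB {
    # Get-HotFix (Win32_QuickFixEngineering) misses some update types, so merge
    # it with the Windows Update Agent's history (ResultCode 2 = succeeded).
    $fromQfe = Get-HotFix | ForEach-Object { $_.HotFixID }

    $searcher    = (New-Object -ComObject 'Microsoft.Update.Session').CreateUpdateSearcher()
    $total       = $searcher.GetTotalHistoryCount()
    $fromHistory = @()
    if ($total -gt 0) {
        $fromHistory = $searcher.QueryHistory(0, $total) |
            Where-Object { $_.ResultCode -eq 2 } |
            ForEach-Object { [regex]::Matches($_.Title, 'KB\d{6,7}') } |
            ForEach-Object { $_.Value }
    }
    @($fromQfe) + @($fromHistory) | Sort-Object -Unique
}

function Get-OsStatus {
    # CurrentVersion\ProductName still reads "Windows 10" on Windows 11, so the
    # build number, not the product name, decides which OS this is.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [pscustomobject]@{
        Product        = $cv.ProductName
        DisplayVersion = $cv.DisplayVersion
        Build          = [int]$cv.CurrentBuild
        UBR            = $cv.UBR
        IsWindows10    = ([int]$cv.CurrentBuild -lt 22000)   # assumption: 22000+ = Windows 11
    }
}

$os     = Get-OsStatus
$kbs    = Get-InstalledKB
$hasFix = $kbs -contains $EnrollmentFix
$hasCU  = $kbs -contains $NovemberCU

'{0} {1} (build {2}.{3})' -f $os.Product, $os.DisplayVersion, $os.Build, $os.UBR
"$EnrollmentFix installed: $hasFix"
"$NovemberCU installed: $hasCU"

if (-not $os.IsWindows10) {
    'Not Windows 10: the ESU enrollment fix does not apply to this machine.'
}
elseif (-not $hasFix) {
    "ACTION: install $EnrollmentFix (ESU enrollment fix) before $NovemberCU."
}
elseif (-not $hasCU) {
    "ACTION: $EnrollmentFix is present; install $NovemberCU next."
}
else {
    'Both updates present. Confirm the Consumer ESU enrollment is active on the Windows Update settings page.'
}
```

The order of the two checks matters: a machine that reports KB5068781 but not KB5071959 is the case the article warns about, since the cumulative update may have landed through a channel that bypassed the enrollment fix, and the script flags it rather than treating "latest CU installed" as done.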

What to watch next

  • Expect and apply the forthcoming Google Chrome update (and the related Edge update) when released.
  • Enterprise admins should consult the SANS Internet Storm Center breakdown and community sources like askwoody.com for testing notes before wide deployment.
  • The source does not say how widespread exploitation of the zero-day (CVE-2025-62215) is; watch for follow-up reporting on who is using it and against whom.

Quick glossary

  • Zero-day: A software vulnerability that is being actively exploited before the vendor has provided a public patch.
  • Remote code execution (RCE): A type of vulnerability that allows an attacker to run arbitrary code on a target system, potentially taking full control.
  • GDI+: Graphics Device Interface Plus, the Windows graphics API used by many applications and services to render 2D graphics and to load and process image files, which is why a parsing bug in it reaches so much software.
  • CVSS: Common Vulnerability Scoring System, a standardized method for rating the severity of security vulnerabilities.

Reader FAQ

Do I need to install KB5071959?
Yes — the source says KB5071959 fixes enrollment problems for the Windows 10 Consumer ESU and should be installed so affected PCs can receive further updates.

Is the zero-day vulnerability rated critical?
No — Microsoft labeled CVE-2025-62215 "important" because exploitation requires prior access to the device, per the source.

Will Windows 10 still receive patches?
Microsoft ended general support for Windows 10 in October 2025, but the source reports an extra year of free updates is available to users who register for the Consumer ESU and successfully install the enrollment fix, KB5071959.

Should I expect browser updates as well?
Yes — the source notes Adobe and Mozilla updates are already out and a Google Chrome update is expected soon; Edge will need a corresponding update.

Sources

November 16, 2025: "Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day…"