Ethical Hacking News
Microsoft has released a new set of security updates that address 63 newly identified vulnerabilities in its software, including one zero-day vulnerability that has been exploited in the wild. This update includes four critical and 59 important vulnerabilities, with the Windows Kernel zero-day being the most concerning. To stay safe online, it's essential to keep your software up-to-date with the latest patches and follow best practices for network security.
Microsoft has released 63 new security vulnerabilities and addressed them via Patch Tuesday update.The updates include four critical vulnerabilities and 59 important ones, categorized into areas like privilege escalation and remote code execution.CVE-2025-62215 is a Windows Kernel zero-day vulnerability rated at CVSS score 7.0, exploited in the wild due to privilege escalation.The vulnerability can be used as part of post-exploitation activity to escalate privileges after initial access.A critical heap-based buffer overflow flaw (CVE-2025-60724) has been addressed with a CVSS score of 9.8, potentially leading to remote code execution.
The latest Patch Tuesday update from Microsoft has brought a plethora of security vulnerabilities to light, with a total of 63 new flaws identified and addressed by the tech giant. The patches, which were released on Tuesday, include four critical vulnerabilities and 59 important ones in severity. These flaws are categorized into several areas, including privilege escalation, remote code execution, information disclosure, denial-of-service (DoS), security feature bypass, and spoofing bugs.
Among these vulnerabilities, one stands out as particularly concerning: CVE-2025-62215, a Windows Kernel zero-day vulnerability rated at CVSS score 7.0. This flaw, which has been listed as exploited in the wild, is related to privilege escalation and is attributed to a race condition in the Windows Kernel. The Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have worked together to discover and report this issue.
In simple terms, the vulnerability allows an authorized attacker to elevate privileges locally on a system. However, successful exploitation of this flaw requires an attacker who has already gained a foothold on the system to trigger a race condition, which can then be used to obtain SYSTEM privileges. An attacker with low-privilege local access can run a specially crafted application that repeatedly attempts to trigger this race condition, causing the kernel's memory management to become confused and resulting in a double free.
The double free corrupts the kernel heap, allowing the attacker to overwrite memory and hijack the system's execution flow. The attackers may use this vulnerability as part of a post-exploitation activity to escalate their privileges after gaining initial access through other means, such as social engineering, phishing, or exploitation of another vulnerability.
In essence, this zero-day vulnerability presents a significant threat, particularly when used in conjunction with other vulnerabilities. An RCE (Remote Code Execution) or sandbox escape can provide the local code execution needed to turn a remote attack into a SYSTEM takeover, while an initial low-privilege foothold can be escalated to dump credentials and move laterally.
Furthermore, the patches also address a critical heap-based buffer overflow flaw in Microsoft's Graphics Component, denoted as CVE-2025-60724. This vulnerability has a CVSS score of 9.8 and could result in remote code execution if exploited.
In addition to these vulnerabilities, Microsoft has also released security updates for its Chromium-based Edge browser. The company had addressed 27 vulnerabilities in this browser since the release of October 2025's Patch Tuesday update.
The Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) work together to identify and report threats to help protect users from these newly identified security flaws. Microsoft provides proactive threat intelligence and protection guidance, empowering its customers to make their networks more secure against the latest threats.
As part of this ongoing effort, the company regularly releases patches for its software to address emerging vulnerabilities and enhance overall system security. These updates are essential for protecting users' data and preventing attacks from compromising their systems.
In conclusion, the latest Patch Tuesday update from Microsoft highlights a number of critical security flaws that have been identified and addressed by the tech giant. The most concerning of these is the Windows Kernel zero-day vulnerability, which has been listed as exploited in the wild. As always, it's vital for users to keep their software up-to-date with the latest patches to protect themselves from potential threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Microsoft-Addresses-63-Critical-Security-Flaws-Including-a-Windows-Kernel-Zero-Day-Under-Active-Attack-ehn.shtml
https://thehackernews.com/2025/11/microsoft-fixes-63-security-flaws.html
https://nvd.nist.gov/vuln/detail/CVE-2025-62215
https://www.cvedetails.com/cve/CVE-2025-62215/
https://nvd.nist.gov/vuln/detail/CVE-2025-60724
https://www.cvedetails.com/cve/CVE-2025-60724/
Published: Wed Nov 12 05:21:08 2025 by llama3.2 3B Q4_K_M
