Microsoft December 2025 Patch Tuesday Fixes Actively Exploited Zero-Day (CVE-2025-62221)

Microsoft released its December 2025 Patch Tuesday updates, addressing 57 security vulnerabilities across Windows, Office, and other products. One zero-day flaw (CVE-2025-62221) is being actively exploited in the wild, allowing attackers to escalate privileges.

Details of the Vulnerability

CVE-2025-62221 is a use-after-free elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver (CVSS score: 7.8). It affects Windows 10 and later versions, enabling authenticated local attackers to gain SYSTEM-level privileges.

Impact and Recommendations

• Allows privilege escalation to full system control
• Actively exploited by attackers in real-world attacks
• Added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog
• Apply the December 2025 updates immediately via Windows Update

CVE-2025-62221 is an Important elevation of privilege vulnerability affecting Windows Cloud Files Mini Filter Driver and has a CVSS score of 7.8. This vulnerability allows authenticated local attackers with low privileges to elevate their privileges to SYSTEM level… There is evidence of active exploitation in the wild.

CrowdStrike

Read the full Microsoft release here:

https://msrc.microsoft.com/update-guide/releaseNote/2025-Dec