HomeMicrosoft Patch Tuesday › December 2025

Please link to this page, it changes often. Thank you! The Senserva Team.

Microsoft Patch Tuesday, December 2025

·

Microsoft's December 2025 security release, published December 9, 2025: 55 updates fixing 223 CVEs, ranked by confirmed exploitation, ransomware use, and severity. Provided by Senserva.

55
Updates (KBs)
223
CVEs fixed
6
Actively exploited
21
Critical updates

Actively exploited CVEs (CISA KEV)

CVE-2025-24990Windows Agere Modem Driver Elevation of Privilege VulnerabilityCVSS 7.8Exploited
CVE-2025-59230Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityCVSS 7.8Exploited
CVE-2025-62221Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityCVSS 7.8Exploited
CVE-2025-60710Host Process for Windows Tasks Elevation of Privilege VulnerabilityCVSS 7.8Exploited
CVE-2025-62215Windows Kernel Elevation of Privilege VulnerabilityCVSS 7.0Exploited
CVE-2025-47827MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11CVSS 4.6Exploited

Other high-risk CVEs (CVSS 8.8+)

CVE-2025-49708Microsoft Graphics Component Elevation of Privilege VulnerabilityCVSS 9.9
CVE-2025-60724GDI+ Remote Code Execution VulnerabilityCVSS 9.8
CVE-2025-64678Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-58715Windows Speech Runtime Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-58716Windows Speech Runtime Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-59295Windows URL Parsing Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-58718Remote Desktop Client Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-62456Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-62549Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-64672Microsoft SharePoint Server Spoofing VulnerabilityCVSS 8.8

Products fixed this month

Windows 10 Version 1809 for 32-bit Systems (40)Windows 10 Version 1809 for x64-based Systems (32)Windows Server 2019 (32)Microsoft Office 2019 for 32-bit editions (9)Windows 11 Version 25H2 for ARM64-based Systems (8)Windows 11 Version 25H2 for x64-based Systems (8)Microsoft SharePoint Enterprise Server 2016 (5)Microsoft SharePoint Server 2019 (5)Microsoft Office 2019 for 64-bit editions (5)Microsoft Exchange Server Subscription Edition RTM (4)
Take this release to your AI

Composed from the December 2025 release data above. Copy it into Claude, ChatGPT, or Copilot. Free, no sign-in.

Reference: Microsoft CVE and vulnerability management, ranked by real-world risk, and the Microsoft patching guide.
Data notice: this page is provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative Microsoft advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.