Particle.news

Microsoft Issues November Fixes, Patching Windows Kernel Zero‑Day Exploited in the Wild

Security teams urge rapid deployment following confirmation of in‑the‑wild exploitation.

Overview

  • Microsoft’s monthly release addresses 63 vulnerabilities across Windows and other products, including five rated critical.
  • The zero‑day CVE‑2025‑62215 in the Windows kernel lets an attacker who wins a race condition elevate to SYSTEM, with exploitation observed in real attacks.
  • The most severe flaw, CVE‑2025‑60724 in GDI+, allows remote code execution via a crafted metafile, though Microsoft assesses exploitation as less likely.
  • Microsoft labeled several issues as more likely to be exploited, including CEIP (CVE‑2025‑59512), Windows CSC (CVE‑2025‑60705), and three WinSock driver bugs (CVE‑2025‑60719, CVE‑2025‑62213, CVE‑2025‑62217).
  • Cisco Talos released Snort detection rules for several covered flaws, including rule IDs 65496–65501, 65507–65510 and Snort 3 rules 301343–301345, 301347, 301348.