Patch Tuesday November 2025 - Only One Zero Day!

Patch Tuesday November 2025 - Only One Zero Day! Welcome to my November Patch Tuesday newsletter. Today Microsoft released 63 updates and a long list of 168 additional updates for a total of 209 updates in the past 30 days. Wow, so let's get started.

We have only one zero-day to look at which is quite refreshing that it's only one this month.

This month's zero day is CVE-2025-62215. This elevation of privilege vulnerability has a rather high CVSS score. Successful exploitation requires an attacker to win a race condition resulting in SYSTEM privileges. This affects various Windows OS's shown in the chart below. You will want to get this patched ASAP.

Besides our zero day we also have 18 other "Critical" rated updates for the month. These are in the chart below in bold.

As you can see in the chart below we still have Windows 10 listed in the Windows OS row. Keep in mind that today is the first update for Windows 10 in the Extended Security Updates (ESU) program. So if you have any Win10 systems in your environment, make sure they are getting updated still. It's highly recommended to get these updated to Win11 or throw out these old images and reimage these machines with Win11. If you are a small shop and cost is a concern, you can join the ESU program through Microsoft. You can learn more about the process and costs here.

Besides that it is a pretty normal month. Below the chart you will find a long list of Azure Linux and CBL Mariner products and versions. I didn't want to "clog up" the chart with all that data so I put it below the chart. See you next month!

Happy patching!

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 10, 11 Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations	Critical	CVE-2025-59505 CVE-2025-59506 CVE-2025-59507 CVE-2025-59508 CVE-2025-59509 CVE-2025-59510 CVE-2025-59511 CVE-2025-59512 CVE-2025-59513 CVE-2025-59514 CVE-2025-59515 CVE-2025-60703 CVE-2025-60704 CVE-2025-60705 CVE-2025-60706 CVE-2025-60707 CVE-2025-60708 CVE-2025-60709 CVE-2025-60710 CVE-2025-60713 CVE-2025-60714 CVE-2025-60715 CVE-2025-60716 CVE-2025-60717 CVE-2025-60718 CVE-2025-60719 CVE-2025-60720 CVE-2025-60721 CVE-2025-60723 CVE-2025-60724 CVE-2025-62208 CVE-2025-62209 CVE-2025-62213 CVE-2025-62215* CVE-2025-62217 CVE-2025-62218 CVE-2025-62219 CVE-2025-62452	Workaround: No Exploited: Yes* Public: No	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution
Edge	Chromium-based Edge for Android	Important	CVE-2025-11756 CVE-2025-12036 CVE-2025-12428 CVE-2025-12429 CVE-2025-12430 CVE-2025-12431 CVE-2025-12432 CVE-2025-12433 CVE-2025-12434 CVE-2025-12435 CVE-2025-12436 CVE-2025-12437 CVE-2025-12438 CVE-2025-12439 CVE-2025-12440 CVE-2025-12441 CVE-2025-12443 CVE-2025-12444 CVE-2025-12445 CVE-2025-12446 CVE-2025-12447 CVE-2025-12725 CVE-2025-12726 CVE-2025-12727 CVE-2025-12728 CVE-2025-12729 CVE-2025-60711	Workaround: No Exploited: No Public: No	Remote Code Execution
Office	365 Apps for Enterprise Excel 2016 Office 2016, 2019 LTSC 2021, 2024 including for Mac Office for Android Office Online Server	Critical	CVE-2025-59240 CVE-2025-60722 CVE-2025-60724 CVE-2025-60726 CVE-2025-60727 CVE-2025-60728 CVE-2025-62199 CVE-2025-62200 CVE-2025-62201 CVE-2025-62202 CVE-2025-62203 CVE-2025-62205 CVE-2025-62216	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Remote Code Execution
SharePoint	Enterprise Server 2016 Server 2019 Server Subscription Edition	Important	CVE-2025-62204	Workaround: No Exploited: No Public: No	Remote Code Execution
SQL Server	2016 SP3 GDR, Azure Connect Feature Pack 2017 CU31, GDR 2019 CU32, GDR 2022 CU21, GDR	Important	CVE-2025-59499	Workaround: No Exploited: No Public: No	Elevation of Privilege
Azure	Compute Resource Provider Event Grid System Managed Redis Monitor Notification Service	Critical	CVE-2025-59273 CVE-2025-59500 CVE-2025-59503 CVE-2025-59504	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
Developer Tools	Visual Studio Code Visual Studio Code CoPilot Chat Extension Visual Studio 2022 v17.14	Critical	CVE-2025-62214 CVE-2025-62222 CVE-2025-62449 CVE-2025-62453	Workaround: No Exploited: No Public: No	Remote Code Execution Security Feature Bypass
Open Source Software	Windows Subsystem for Linux GUI *See more products and versions below chart	Critical	CVE-2025-11411 CVE-2025-11839 CVE-2025-11840 CVE-2025-12058 CVE-2025-12060 CVE-2025-39967 CVE-2025-39968 CVE-2025-39969 CVE-2025-39970 CVE-2025-39971 CVE-2025-39972 CVE-2025-39973 CVE-2025-39977 CVE-2025-39980 CVE-2025-39981 CVE-2025-39982 CVE-2025-39985 CVE-2025-39987 CVE-2025-39990 CVE-2025-39994 CVE-2025-39998 CVE-2025-40001 CVE-2025-40003 CVE-2025-40005 CVE-2025-40016 CVE-2025-40018 CVE-2025-40019 CVE-2025-40020 CVE-2025-40021 CVE-2025-40024 CVE-2025-40025 CVE-2025-40026 CVE-2025-40027 CVE-2025-40029 CVE-2025-40030 CVE-2025-40032 CVE-2025-40033 CVE-2025-40035 CVE-2025-40038 CVE-2025-40040 CVE-2025-40042 CVE-2025-40043 CVE-2025-40044 CVE-2025-40048 CVE-2025-40049 CVE-2025-40051 CVE-2025-40052 CVE-2025-40053 CVE-2025-40056 CVE-2025-40057 CVE-2025-40060 CVE-2025-40061 CVE-2025-40064 CVE-2025-40065 CVE-2025-40068 CVE-2025-40071 CVE-2025-40074 CVE-2025-40075 CVE-2025-40078 CVE-2025-40079 CVE-2025-40080 CVE-2025-40081 CVE-2025-40083 CVE-2025-40084 CVE-2025-40085 CVE-2025-40087 CVE-2025-40088 CVE-2025-40092 CVE-2025-40094 CVE-2025-40095 CVE-2025-40096 CVE-2025-40097 CVE-2025-40099 CVE-2025-40100 CVE-2025-40102 CVE-2025-40103 CVE-2025-40104 CVE-2025-40105 CVE-2025-40106 CVE-2025-40778 CVE-2025-40780 CVE-2025-47912 CVE-2025-53040 CVE-2025-53042 CVE-2025-53044 CVE-2025-53045 CVE-2025-53053 CVE-2025-53054 CVE-2025-53062 CVE-2025-53069 CVE-2025-58183 CVE-2025-58185 CVE-2025-58186 CVE-2025-58187 CVE-2025-58188 CVE-2025-58189 CVE-2025-59530 CVE-2025-61100 CVE-2025-61101 CVE-2025-61102 CVE-2025-61103 CVE-2025-61104 CVE-2025-61105 CVE-2025-61106 CVE-2025-61107 CVE-2025-61723 CVE-2025-61724 CVE-2025-61725 CVE-2025-62168 CVE-2025-62220 CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 CVE-2025-62518 CVE-2025-62813 CVE-2025-8677	Workaround: No Exploited: No Public: No	Remote Code Execution
Dynamics	365 Field Service (online) 365 (on-premises) v9.1	Important	CVE-2025-62206 CVE-2025-62210 CVE-2025-62211	Workaround: No Exploited: No Public: No	Information Disclosure Spoofing
System Center	Configuration Manager 2403, 2409, 2503	Important	CVE-2025-47179 CVE-2025-59501	Workaround: No Exploited: No Public: No	Elevation of Privilege Spoofing
Other	PowerScribe One v2023.1 SP2 Patch 7 PowerScribe 360v4.0.1 - v.4.0.9 and 2019.1 - 2019.10	Critical	CVE-2025-30398	Workaround: No Exploited: No Public: No	Information Disclosure

I didn't want to overflow the chart with the products and versions in this month's release for "Open Source Software". Below is a list of products and versions included:

Azure Linux:
azl3 bind 9.20.11-1, azl3 binutils 2.41-9, azl3 containerized-data-importer 1.57.0-16, azl3 coredns 1.11.4-10, azl3 frr 9.1.1-3, azl3 gcc 13.2.0-7, azl3 gh 2.62.0-9, azl3 golang 1.23.12-1, azl3 golang 1.25.3-1, azl3 kata-containers-cc 3.15.0.aks0-5, azl3 keras 3.3.3-4, azl3 kernel 6.6.104.2-4, azl3 kernel 6.6.96.2-2, azl3 libcontainers-common 20240213-3, azl3 lz4 1.9.4-1, azl3 moby-engine 25.0.3-13, azl3 mysql 8.0.43-1, azl3 python-tensorboard 2.16.2-6, azl3 skopeo 1.14.4-6, azl3 squid 6.13-1, azl3 squid 6.13-3, azl3 tensorflow 2.16.1-9, azl3 unbound 1.19.1-4, azl3 xorg-x11-server-Xwayland 24.1.6-2

CBL Mariner:
cbl2 bind 9.16.50-2, cbl2 binutils 2.37-17, cbl2 containerized-data-importer 1.55.0-25, cbl2 coredns 1.11.1-22, cbl2 cri-o 1.22.3-16, cbl2 frr 8.5.5-3, cbl2 gcc 11.2.0-8, cbl2 golang 1.18.8-10, cbl2 golang 1.22.7-5, cbl2 keras 2.11.0-3, cbl2 libcontainers-common 20210626-7, cbl2 lz4 1.9.4-1, cbl2 moby-engine 24.0.9-18, cbl2 msft-golang 1.24.8-1, cbl2 mysql 8.0.43-1, cbl2 python-tensorboard 2.11.0-3, cbl2 skopeo 1.14.2-12, cbl2 tensorflow 2.11.1-2, cbl2 unbound 1.19.1-3

Thanks as always for reading and best wishes on security,

Randy Franklin Smith

Click here to unsubscribe

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2025 Monterey Technology Group, All rights reserved. You may forward this email in its entirety but all other rights reserved.

9450 SW Gemini Drive #53822, Beaverton, OR 97008

Note: We do our best to provide quality information and expert commentary but use all information at your own risk.