This month’s Microsoft Patch Tuesday introduced security updates to rectify more than 60 vulnerabilities in Windows and supported software, highlighting a critical zero-day vulnerability (CVE-2025-62215) that is actively exploited. The importance of these updates is amplified by the inclusion of various products, including Windows OS, Office, SharePoint, and SQL Server. Notably, CVE-2025-60274 was identified as a critical risk due to its wide usage in applications, including Microsoft Office, prompting urgent action from organizations.
Furthermore, updates addressed a critical Office vulnerability (CVE-2025-62199) associated with remote code execution via the Preview Pane, illustrating the low complexity of exploitation. While Microsoft previously ceased support for Windows 10, the provision of an additional year of free updates appeals to users who registered with an active account. The community response indicates some confusion surrounding this registration, underscoring the importance of participating in the program. Overall, as Microsoft and third-party providers like Adobe and Mozilla continue to release updates, maintaining system backups and readiness for future patches remains crucial for users.
👉 Pročitaj original: Krebs on Security
