Unfold what this Patch Tuesday has in store for you

Q: What is Patch Tuesday?

Patch Tuesday, the colloquial term for Microsoft's Update Tuesday that falls on second Tuesday of every month. That is when Microsoft rolls out patch updates to improve security of the Microsoft applications... more

Q: When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on ... more

Q: Where can I find more details about individual bulletins?

Each CVE ID listed in the ... more

Patch Tuesday, the unofficial term for Microsoft's scheduled security fix release on every second Tuesday of a month, has been a constant topic of discussion ever since its inception.

Upcoming Webinar

- 11:30 a.m. EST& 6:30 a.m. GMT

Agenda of the Free Patch Tuesday webinar

A complete breakdown of all the latest Patch Tuesday updates
Patch updates that you should be prioritizing
Topical updates in the cyber-security space
Real-time patching scenarios and ways to handle them
Few best practices that you need to employ for an effective patch management

Book your slots here!

First Name ^* Enter a valid first name Enter your first name Last Name ^* Enter a valid last name Enter your last name Email ^* Enter a valid email address Enter your email address Patch Tuesday Training Time (Monthly Once)
Patch Tuesday (Monthly once)

11:30 EST-

6:30 GMT-

Choose your Webinar Series Gain exclusive access to our UEMS Free Training series

11:30 EDT -

6:30 GMT -

By clicking 'Register', you agree to processing of personal data according to the Privacy Policy.
-

Microsoft Patch Tuesday December 2025 - Summary

Dec 112025

Read Blog

100

Patches

57

Vulnerabilities

13

Articles

5

Impacts

CVE Index for December 2025 Patch Tuesday Updates

Critical Vulnerabilities
Zero-day vulnerabilities
Microsoft Windows
Microsoft
Office
Microsoft .NET
Others

Vulnerable Component	Impact	CVE ID
Microsoft Office	Remote Code Execution	CVE-2025-62557
Microsoft Office	Remote Code Execution	CVE-2025-62554

Vulnerable Component	Impact	CVE ID
GitHub Copilot for Jetbrains	Remote Code Execution	CVE-2025-64671
Windows Cloud Files Mini Filter Driver	Elevation of Privilege	CVE-2025-62221
PowerShell	Remote Code Execution	CVE-2025-54100

CVE ID	Severity	Impact
CVE-2025-64678	Important	Remote Code Execution
CVE-2025-64673	Important	Elevation of Privilege
CVE-2025-64670	Important	Information Disclosure
CVE-2025-64667	Important	Spoofing
CVE-2025-64666	Important	Elevation of Privilege
CVE-2025-64661	Important	Elevation of Privilege
CVE-2025-64658	Important	Elevation of Privilege
CVE-2025-62573	Important	Elevation of Privilege
CVE-2025-62571	Important	Elevation of Privilege
CVE-2025-62570	Important	Information Disclosure
CVE-2025-62569	Important	Elevation of Privilege
CVE-2025-62567	Important	Denial of Service
CVE-2025-62565	Important	Elevation of Privilege
CVE-2025-64680	Important	Elevation of Privilege
CVE-2025-64679	Important	Elevation of Privilege
CVE-2025-62549	Important	Remote Code Execution
CVE-2025-62474	Important	Elevation of Privilege
CVE-2025-62473	Important	Information Disclosure
CVE-2025-62472	Important	Elevation of Privilege
CVE-2025-62470	Important	Elevation of Privilege
CVE-2025-62469	Important	Elevation of Privilege
CVE-2025-62468	Important	Information Disclosure
CVE-2025-62467	Important	Elevation of Privilege
CVE-2025-62466	Important	Elevation of Privilege
CVE-2025-62465	Important	Denial of Service
CVE-2025-62464	Important	Elevation of Privilege
CVE-2025-62463	Important	Denial of Service
CVE-2025-62462	Important	Elevation of Privilege
CVE-2025-62461	Important	Elevation of Privilege
CVE-2025-62458	Important	Elevation of Privilege
CVE-2025-62457	Important	Elevation of Privilege
CVE-2025-62456	Important	Remote Code Execution
CVE-2025-62455	Important	Elevation of Privilege
CVE-2025-62454	Important	Elevation of Privilege
CVE-2025-59517	Important	Elevation of Privilege
CVE-2025-59516	Important	Elevation of Privilege
CVE-2025-55233	Important	Elevation of Privilege
CVE-2025-66476
CVE-2025-66221

CVE ID	Severity	Impact
CVE-2025-64672	Important	Spoofing
CVE-2025-62564	Important	Remote Code Execution
CVE-2025-62563	Important	Remote Code Execution
CVE-2025-62562	Important	Remote Code Execution
CVE-2025-62561	Important	Remote Code Execution
CVE-2025-62560	Important	Remote Code Execution
CVE-2025-62559	Important	Remote Code Execution
CVE-2025-62558	Important	Remote Code Execution
CVE-2025-62556	Important	Remote Code Execution
CVE-2025-62555	Important	Remote Code Execution
CVE-2025-62553	Important	Remote Code Execution
CVE-2025-62552	Important	Remote Code Execution

CVE ID	Severity	Impact

CVE ID	Severity	Impact
CVE-2025-62550	Important	Remote Code Execution

Previous Patch Tuesday Updates and Fixes

Microsoft Windows Patch Tuesday - Overview

What is Patch Tuesday?

Patch Tuesday or Update Tuesday is the common name for the second Tuesday of every month when Microsoft releases security updates for its operating system and other software. Coinciding with the Patch Tuesday, several other vendors such as Oracle, Mozilla, Adobe, and many others roll out updates for the third-party applications.

When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on Jan 13, 2025.

What is patching and why is it important?

Patches are nothing but pieces of software code that are written to fix a bug in a software application, that might lead to a vulnerability. Such vulnerabilities in any application are loop holes for attackers to get their hands on business critical data and information. So it is highly crucial to keep all the applications in a network updated to its latest versions. Updating applications in mobile phones and laptops also work in the same manner by preventing theft of personal data, through security flaws.

What kind of patch updates are released during Patch Tuesday?

Predominantly security patch updates of varying severity like Critical, Important, Moderate & Low are labeled and released. Effective Windows patch management involves prioritizing these based on severity, automating deployment, and ensuring rollback or compatibility testing. It is always a best practice to prioritize your patching based on the severity level mentioned.

What are CVE IDs?

CVE ID - Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD). You can look up for a detailed explanation of each vulnerability in the NVD with the help of CVE ID. In Patch Manager Plus you can make use of these CVE IDs to fetch the appropriate patches to deploy. You can find the CVE IDs here.

How to register for ManageEngine's Free Patch Tuesday webinar?

The upcoming Free Patch Tuesday webinar by ManageEngine is scheduled on -. You can make your registrations here.

Where can I find more details about individual bulletins?

Each CVE ID listed in the CVE Index section has been linked to its security advisory.