If you are among the millions of Windows users, it’s that time again—your monthly reminder to install all available security updates. Microsoft has rolled out its November Patch Tuesday release, which addresses a total of 63 vulnerabilities, including a particularly concerning zero-day flaw that has been actively exploited in the wild.
According to reports from Bleeping Computer, this month’s update tackles a variety of vulnerabilities, categorized as follows:
- 29 elevation of privilege vulnerabilities
- 2 security feature bypass vulnerabilities
- 16 remote code execution vulnerabilities
- 11 information disclosure vulnerabilities
- 2 denial of service vulnerabilities
- 3 spoofing vulnerabilities
It is worth noting that these figures do not encompass patches for Microsoft Edge and Mariner. Among the vulnerabilities being addressed, four have been designated as “critical,” including two remote code execution bugs, along with one each of the elevation of privilege and information disclosure flaws.
Patch fixes one zero-day threat
The urgency of installing security updates cannot be overstated, particularly when they involve zero-day vulnerabilities—those that are actively exploited or publicly exposed before an official fix is available. This month, Windows users are at risk from CVE-2025-62215, an elevation of privilege flaw within the Windows Kernel. This vulnerability permits threat actors to escalate their privileges by exploiting a “race condition,” which results from improper synchronization in the Windows Kernel.
The vulnerability was identified by the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC), although further details regarding its exploitation remain undisclosed.
Other updates for Windows users
In addition to security updates, Windows 11 users will benefit from an upgraded Start menu, which is now scrollable and organized into app categories, adapting seamlessly to the size of your screen. Other enhancements include a redesigned battery icon and improved functionalities for File Explorer, Voice Access, and Click to Do.
It is important to note that as of last month’s Patch Tuesday, Microsoft has officially ended support for Windows 10. However, users who have opted for Extended Security Updates (ESU) will continue to receive security patches until October 13, 2026.
