Microsoft has rolled out a significant security update addressing a total of 57 vulnerabilities, including three critical zero-day vulnerabilities that are currently being targeted by attackers. As the company has ceased introducing new features for Windows 10, users can expect only security updates and bug fixes moving forward.
What’s been fixed
On the second Tuesday of every month, a tradition known as “Patch Tuesday,” Microsoft delivers essential security updates. This month’s patches specifically target critical vulnerabilities in Windows 10, Windows 11, Windows Server, Office, and associated services.
Among the vulnerabilities addressed are:
- CVE-2025-62221: An actively exploited privilege escalation vulnerability in the Windows Cloud Files Mini Filter Driver.
- CVE-2025-64671: A publicly disclosed remote code execution (RCE) vulnerability affecting GitHub Copilot for JetBrains.
- CVE-2025-54100: An RCE issue within Windows PowerShell.
PowerShell has received particular attention in this update. Users will now receive a warning whenever the Invoke-WebRequest command attempts to fetch a web page without safe parameters. The warning is meant to reduce the risk of unintended script execution from web content, and it advises users to add the -UseBasicParsing switch so that scripts embedded in downloaded pages are not executed.
While Microsoft has not explicitly linked the new warning to the ClickFix campaign, it effectively addresses the exploitation method that relies on deceiving users into executing web-fetched PowerShell code without a full understanding of its implications.
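As an added example (not from the original article or from Microsoft), existing scripts can be audited for the calls this warning targets. The code below parses script text with PowerShell's own AST parser and reports Invoke-WebRequest calls, including the Windows PowerShell 5.1 aliases iwr, curl and wget, that omit -UseBasicParsing. The function name Find-UnsafeWebRequest and the sample script are constructed for illustration.

```powershell
using namespace System.Management.Automation.Language

# Constructed sample script; the URLs are placeholders.
$sample = @'
$r = Invoke-WebRequest -Uri "https://example.com/status"
iwr https://example.com/a.txt -UseBasicParsing -OutFile a.txt
curl "https://example.com/page" | Select-Object -ExpandProperty Content
Invoke-WebRequest -Uri $u -UseB
Invoke-WebRequest @opts
'@

function Find-UnsafeWebRequest {   # hypothetical helper, not a built-in cmdlet
    param([Parameter(Mandatory)][string]$ScriptText)

    # Invoke-WebRequest and its Windows PowerShell 5.1 aliases
    $names  = 'Invoke-WebRequest', 'iwr', 'curl', 'wget'
    $tokens = $null; $errors = $null
    $ast = [Parser]::ParseInput($ScriptText, [ref]$tokens, [ref]$errors)

    $isCommand = { param($node) $node -is [CommandAst] }
    foreach ($cmd in $ast.FindAll($isCommand, $true)) {
        if ($cmd.GetCommandName() -notin $names) { continue }

        $safe = $false; $splat = $false
        foreach ($el in $cmd.CommandElements) {
            if ($el -is [CommandParameterAst]) {
                # Accept unambiguous abbreviations, from -UseB up to -UseBasicParsing
                $p = $el.ParameterName
                $match = $p.Length -ge 4 -and
                    'UseBasicParsing'.StartsWith($p, [System.StringComparison]::OrdinalIgnoreCase)
                # -UseBasicParsing:$false turns the switch back off, so it does not count
                if ($match -and -not ($el.Argument -and $el.Argument.Extent.Text -eq '$false')) {
                    $safe = $true
                }
            }
            elseif ($el -is [VariableExpressionAst] -and $el.Splatted) {
                $splat = $true   # parameters come from a hashtable; cannot be resolved statically
            }
        }
        if ($safe) { continue }
        [pscustomobject]@{
            Line    = $cmd.Extent.StartLineNumber
            Finding = if ($splat) { 'Review splat' } else { 'Missing -UseBasicParsing' }
            Command = $cmd.Extent.Text
        }
    }
}

Find-UnsafeWebRequest -ScriptText $sample | Format-Table -AutoSize
```

To audit a real file, pass its contents with `Get-Content -Raw`. Calls built dynamically (for example through `Invoke-Expression` or `& $cmd`) are not visible to this static check.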
How to apply fixes and check you’re protected
To ensure your Windows PC remains secure, follow these steps to apply the latest updates:
- Open Settings
  - Click the Start button (the Windows logo at the bottom left of your screen).
  - Select Settings (represented by a gear icon).
- Go to Windows Update
  - In the Settings window, choose Windows Update (usually found at the bottom of the left menu).
- Check for updates
  - Click the Check for updates button.
  - Windows will search for the latest Patch Tuesday updates.
  - If you previously enabled automatic updates, you may see this under Update history:
  - Alternatively, you might encounter a Restart required message, indicating that a simple restart will complete the update process.
- Download and Install
  - If updates are found, they will begin downloading immediately. Once completed, you’ll see an Install or Restart now button.
  - Click Install if necessary and follow any prompts. A restart is typically required to finalize the updates; if prompted, click Restart now.
- Double-check you’re up to date
  - After restarting, return to Windows Update and check again. If it indicates You’re up to date, you’re all set!