{“lastseen”:”2025-11-12T12:05:07″,”description”:”These updates fix serious security issues \u2014 including one that attackers are already exploiting to take control of Windows systems. By chaining it with other attacks, they can gain full admin access, install malware, steal data, or make deeper changes you wouldn\u2019t normally be able to undo. Run Windows Update today, restart your PC, and check you’re up to date.\\n\\n## What’s been fixed\\n\\nMicrosoft releases important security updates on the second Tuesday of every month\u2014known as \u201cPatch Tuesday.\u201d This month\u2019s patches fix critical flaws in Windows 10, Windows 11, Windows Server, Office, and related services.\\n\\nParticularly noteworthy are some critical Remote Code Execution (RCE) bugs in Microsoft Graphics and Office that can allow attackers to run malicious code just by convincing someone to open a booby-trapped file or document.\\n\\nA \u201czero-day\u201d is a software flaw that attackers are already exploiting before a fix is available. The name comes from the fact that defenders have _zero days_ to protect themselves\u2014attackers can strike before patches are released. In this month\u2019s update, Microsoft fixed one such vulnerability: CVE-2025-62215, a Windows Kernel Elevation of Privilege (EoP) flaw.\\n\\nIt lets an attacker who already has local access to a device gain higher, admin-level permissions by exploiting what’s known as a \u201crace condition.\\” A race condition vulnerability happens when different programs or processes try to use the same resource at the same time without proper coordination. During that brief window of confusion, attackers can slip through and exploit the system.\\n\\nAttackers need to combine this vulnerability with other attack methods. Once they’ve compromised a system, they use this vulnerability to escalate privileges and gain admin-level rights.\\n\\nAnother critical vulnerability worth noting is CVE-2025-60724, which comes with a CVSS score of 9.8 out of 10. It\u2019s a heap-based buffer overflow in the GDI+ Microsoft Graphics Component, which allows an unauthorized attacker to run malicious code over a network.\\n\\nA buffer overflow happens when software writes more data to memory than it can handle, potentially overwriting other areas and injecting malicious code. In the case of CVE-2025-60724, Microsoft warns that attackers could exploit the flaw by convincing a victim to download and open a document that contains a specially crafted metafile. In more advanced attacks, the same vulnerability could be triggered remotely by uploading a malicious file to a vulnerable web service.\\n\\n## How to apply fixes and check you’re protected\\n\\nThese updates fix security problems and keep your Windows PC protected. Here\u2019s how to make sure you\u2019re up to date:\\n\\n1\\\\. Open **Settings**\\n\\n * Click the **Start** button (the Windows logo at the bottom left of your screen).\\n * Click on **Settings** (it looks like a little gear).\\n\\n\\n\\n2\\\\. Go to **Windows Update**\\n\\n * In the Settings window, select **Windows Update** (usually at the bottom of the menu on the left).\\n\\n\\n\\n3. **Check for Updates**\\n\\n * Click the button that says **Check for updates**.\\n * Windows will search for the latest Patch Tuesday updates for November 2025.\\n\\n\\n\\nIf you have selected automatic updates earlier, you may see this:\\n\\n\\n\\n * Which means all you have to do is restart your system and you\u2019re done updating.\\n * If not, continue with the below.\\n\\n\\n\\n4. **Download and Install**\\n\\n * If updates are found, they’ll start downloading right away. Once complete, you\u2019ll see a button that says **Install** or **Restart now**.\\n * Click **Install **if needed and follow any prompts. Your computer will usually need a restart to finish the update. If it does, click **Restart now**.\\n\\n\\n\\n**5\\\\. Double-check you ‘re up to date**\\n\\n * After restarting, go back to **Windows Update** and check again. If it says **You\u2019re up to date** , you\u2019re all set!\\n\\n\\n\\n* * *\\n\\n**We don\u2019t just report on threats\u2014we remove them**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.”,”published”:”2025-11-12T11:53:39″,”modified”:”2025-11-12T11:53:39″,”type”:”malwarebytes”,”title”:”Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild”,”source”:””,”references”:””,”id”:”MALWAREBYTES:D5F85E71B22E3D70815D95831EE004F0″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[“CVE-2025-60724″,”CVE-2025-62215″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/11\/update-now-november-patch-tuesday-fixes-windows-zero-day-exploited-in-the-wild”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-11-12T12:05:07″,”description”:”These updates fix serious security issues \u2014 including one that attackers are already exploiting to take control of Windows systems. By chaining it with other…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,35,12,115,13,7,11,5],"class_list":["post-25941","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-malwarebytes","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n