Today is Microsoft Patch Tuesday for November 2025. There are 63 vulnerabilities that have been addressed this time around.

There is one vulnerability currently exploited in the wild, and one that has a very high severity rating. We recommend applying these updates as soon as possible.

Notable Patch Tuesday vulnerabilities for November

• CVE-2025-62215 A privilege escalation vulnerability in the Windows kernel could be exploited by an attacker to gain SYSTEM level privileges on the system. To exploit this vulnerability, the attacker needs to win a race condition. This vulnerability is actively exploited in the wild.
• CVE-2025-60724 A heap-based buffer overflow vulnerability in the Windows GDI+ could be exploited by an attacker to gain arbitrary code execution on the system. To exploit this vulnerability, the attacker needs to trick a user into opening a malicious file.

For more detailed information on these and other vulnerabilities, please refer to the release notes.

Need help addressing the above in your own organization? Speak to an Outpost24 expert.