Microsoft's November Patch Tuesday: 66 Vulnerabilities, One Exploited Zero-Day, and a Critical Remote Code Execution Flaw
Microsoft's November Patch Tuesday brings a total of 66 new vulnerabilities, a significant decrease from recent months. One of these vulnerabilities is a critical zero-day issue, CVE-2025-60724, which is currently being exploited in the wild. This vulnerability, affecting Microsoft software, could allow an attacker to upload a malicious document to a vulnerable web service, potentially leading to remote code execution as SYSTEM via the network without prior access. The underlying weakness, CWE-122, is a heap-based buffer overflow, a long-standing issue in computer security.
Another critical vulnerability, CVE-2025-62199, is found in Microsoft Office and requires users to download and open a malicious file. This vulnerability is designated as a remote code execution (RCE) issue, making it a significant concern. Interestingly, the Preview Pane is a potential vector for exploitation, as users may inadvertently enable dangerous content. Visual Studio's critical RCE vulnerability, CVE-2025-62214, demands a complex chain of events, including prompt injection, agent interaction, and triggering a build, to be exploited.
SQL Server administrators should be aware of CVE-2025-59499, an elevation of privilege (EoP) vulnerability. While it requires existing privileges, successful exploitation can lead to running arbitrary Transact-SQL (T-SQL) commands. Despite the default configuration disabling xp_cmdshell, there are alternative methods for exploitation, and the safe assumption is that it will result in code execution within the SQL Server context. Patches are available for all supported SQL Server versions.
Microsoft's November updates also include the end of support for Windows 11 Home and Pro 23H2, a minor transition compared to the October 2025 changes. This update introduces a requirement for newer CPU instruction sets, affecting a small number of older CPUs. Microsoft provides compatibility lists for Intel, AMD, and Qualcomm CPU series to ensure a smooth transition for users.
