on December 9, 2025 at 8:00 am — CVE-2024-30098 Windows Cryptographic Services Security Feature Bypass Vulnerability
Updated the “Are there any further actions I need to take to be protected from this vulnerability?” FAQ as follows: 1. Added a reminder to customers that The DisableCapiOverrideForRSA registry key will be removed in April 2026. 2. Added an update that states: The October 14, 2025, Windows updates addressing CVE-2024-30098 revealed issues in applications
on December 9, 2025 at 8:00 am — CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability
The following updates have been made: 1. To comprehensively address CVE-2025-60710, Microsoft has released December 2025 security updates for all supported editions of Windows 11 Version 24H2, Windows 11 Version 25H2, and Windows Server 2025. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to
on December 9, 2025 at 8:00 am — CVE-2025-62454 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
on December 9, 2025 at 8:00 am — CVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.
on December 9, 2025 at 8:00 am — CVE-2025-62457 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.