On 9 December 2025, Microsoft released its December 2025 security update, addressing 57 newly disclosed vulnerabilities. Arctic Wolf has highlighted three vulnerabilities affecting Microsoft Windows and Office in this security bulletin due to their potential impact.
Vulnerabilities
| Vulnerability | CVSS | Description | Exploited? |
| CVE-2025-62221 | 7.8 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability – An authorised threat actor can exploit a use-after-free flaw in the Windows Cloud Files Mini Filter Driver to elevate privileges locally and gain SYSTEM access.
|
Yes |
| CVE-2025-62554 | 8.4 | Microsoft Office Remote Code Execution Vulnerability – A type-confusion flaw in Microsoft Office that allows an unauthorised threat actor to execute code locally through a malicious link sent to a victim. In the worst case, a crafted email can trigger code execution without user interaction. | No |
| CVE-2025-62557 | 8.4 | Microsoft Outlook Remote Code Execution Vulnerability – A use-after-free flaw in Microsoft Office that allows an unauthorised threat actor to execute code locally through a malicious link sent to a victim. In the worst case, a crafted email can trigger code execution without user interaction. | No |
Recommendations for Microsoft Patch Tuesday: December 2025
Upgrade to Latest Fixed Versions
Arctic Wolf strongly recommends that customers upgrade to the latest fixed versions.
| Affected Product | Vulnerability | Update Article |
| Windows Server 2025 | CVE-2025-62221 | 5072033, 5072014 |
| Windows Server 2022, 23H2 Edition | CVE-2025-62221 | 5071542 |
| Windows Server 2022 | CVE-2025-62221 | 5071547, 5071413 |
| Windows Server 2019 | CVE-2025-62221 | 5071544 |
| Windows 11 Version 25H2 for x64-based, and ARM64-based Systems | CVE-2025-62221 | 5072033, 5072014 |
| Windows 11 Version 24H2 for x64-based, and ARM64-based Systems | CVE-2025-62221 | 5072033 |
| Windows 11 Version 23H2 for x64-based, and ARM64-based Systems | CVE-2025-62221 | 5071417 |
| Windows 10 Version 22H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2025-62221 | 5071546 |
| Windows 10 Version 21H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2025-62221 | 5071546 |
| Windows 10 Version 1809 for 32-bit, and x64-based Systems | CVE-2025-62221 | 5071544 |
| Microsoft Office LTSC for Mac 2024, and Mac 2021 | CVE-2025-62554, CVE-2025-62557 | According to Microsoft, update information will be added to the respective CVE pages when it becomes available. |
| Microsoft Office LTSC 2024 for 32-bit, and 64-bit editions | CVE-2025-62554, CVE-2025-62557 | Release Notes |
| Microsoft Office LTSC 2021 for 32-bit, and 64-bit editions | CVE-2025-62554, CVE-2025-62557 | Release Notes |
| Microsoft Office for Android | CVE-2025-62554, CVE-2025-62557 | Update Guide |
| Microsoft Office 2019 for 32-bit, and 64-bit editions | CVE-2025-62554, CVE-2025-62557 | Release Notes |
| Microsoft Office 2016 32-bit, and 64-bit edition | CVE-2025-62554, CVE-2025-62557 | 5002819 |
| Microsoft 365 Apps for Enterprise for 32-bit, and 64-bit Systems | CVE-2025-62554, CVE-2025-62557 | Release Notes |
Please follow your organisation’s patching and testing guidelines to minimise potential operational impact.
References
