Skip to content
BLOG

Patch Tuesday November 2025

Brock Bingham candid headshot
Brock Bingham|November 11, 2025
Patch Tuesday (green)
Patch Tuesday (green)
Sections

Last month, Microsoft sent Windows 10 to that great recycle bin in the sky, and they didn’t hold back on the last-minute patches. With over 170 CVEs released, I think Microsoft was hoping to keep Windows 10 secure for as long as possible for the millions of people who haven’t upgraded to Windows 11 and who haven’t opted for ESU support. How chivalrous of them. 

Now with their focus primarily on Windows 11, it’ll be interesting to see if that impacts the number of CVEs that Microsoft tends to release each month. Let’s find out! 

Severity 

  • Total exploits patched: 63 

  • Critical patches: 5 

  • Important: 58 

  • Moderate: 0 

  • Low: 0 

Vulnerability impact 

  • Remote code execution: 16 

  • Elevation of privilege: 29 

  • Information disclosure: 11 

  • Spoofing: 2 

  • Tampering: 0 

  • Denial of service: 3 

  • Feature bypass: 2 

Availability 

  • Publicly disclosed: 0 

  • Actively exploited: 1 

Some highlights (or lowlights) 

  • CVE-2025-60724: Our highest rated vulnerability for today's release is CVE-2025-60724. This is a heap-based buffer overflow exploit that uses a vulnerability in the Graphics Device Interface to enable remote code execution or information disclosure. We've seen this same style of exploit impacting GDI several times now over the past few months. Hopefully this patch will close the remaining exploits. 

  • CVE-2025-59512: Next up, we've got CVE-2025-59512. This vulnerability uses improper access controls in the Customer Experience Improvement Program (CEIP) to locally elevate privileges. Many people already consider CEIP to be a form of Microsoft supported spyware, so this is just one more reason why you should disable it. 

  • CVE-2025-62215: Wrapping things up with our single zero-day, CVE-2025-62215. I know “zero-day” sounds like panic time, but this one’s actually pretty mellow. Microsoft says it’s tough to exploit, limited to local access, and needs low-level permissions. Go ahead and patch, just no need to rush it out without testing. 

Wrapping up 

If I were an optimistic sysadmin, I’d hope that the focus on Windows 11 would result in a better OS and patch management experience. However, the skeptic inside me and my years of experience makes me believe that it’ll be business as usual for the coming months.

Brock Bingham candid headshot
Brock Bingham

Born in the '80s and raised by his NES, Brock quickly fell in love with everything tech. With over 15 years of IT experience, Brock now enjoys the life of luxury as a renowned tech blogger and receiver of many Dundie Awards. In his free time, Brock enjoys adventuring with his wife, kids, and dogs, while dreaming of retirement.

Related articles

Security green

8 MSP cybersecurity best practices to protect clients in 2026

SECURITY

Dog drooling while reading content on laptop

How IT teams use remote desktop software beyond help desk support

GENERAL IT

Security grey

Shadow AI risks: How to stop unapproved AI tools from exposing data

SECURITY