Today is the monthly 'Windows Update' day, and a patch to fix a bug that prevented Windows 10 from registering for extended updates is being distributed.
The monthly Windows Update, which delivers security updates and bug fixes for Windows, has been released. This security update includes patches for 63 flaws, including the Windows kernel privilege escalation zero-day vulnerability CVE-2025-62215 .
November 2025 security updates (monthly)
https://www.microsoft.com/en-us/msrc/blog/2025/11/202511-security-update
The November 2025 Microsoft Monthly Security Updates have been released. Updates are automatically applied by default. For organizations that manage updates, we have published an overview on our blog. Please refer to this and deploy updates as soon as possible. https://t.co/6D0kukbZUg #Security #Updates … pic.twitter.com/pF3hVQEjx3
— Microsoft Security Team (@JSECTEAM) November 11, 2025
The list of security updates is as follows:
| Target products | maximum severity | The biggest impact | Related knowledge base articles or support web pages |
|---|---|---|---|
| Windows 11 v25H2, v24H2, v23H2 | emergency | Remote code execution possible | v25H2, v24H2 5068861 v25H2, v24H2 Hotpatch 5068966 v23H2 5068865 |
| Windows Server 2025 (including Server Core installation) | emergency | Remote code execution possible | 5068861 HotPatch 5068966 |
| Windows Server 2022, 23H2 (including Server Core installation) | emergency | Remote code execution possible | Windows Server 2022, 5068787 Windows Server 2022 Hotpatch 5068840 Windows Server 23H2, 5068779 |
| Windows Server 2019, 2016 (including Server Core installation) | emergency | Remote code execution possible | Windows Server 2019, 5068791 Windows Server 2016, 5068864 |
| Microsoft Office | emergency | Remote code execution possible | https://learn.microsoft.com/officeupdates |
| Microsoft SharePoint | important | Remote code execution possible | https://learn.microsoft.com/officeupdates/sharepoint-updates |
| Microsoft Visual Studio | emergency | Remote code execution possible | https://learn.microsoft.com/visualstudio |
| Microsoft Dynamics 365 | important | Information leakage | https://learn.microsoft.com/dynamics365 |
| Microsoft SQL Server | important | Privilege Escalation | https://learn.microsoft.com/sql |
| Microsoft Azure | important | Remote code execution possible | https://learn.microsoft.com/azure |
| System Center | important | Privilege Escalation | https://learn.microsoft.com/system-center |
The vulnerabilities addressed in the November 2025 security update are as follows:
| tag | CVE ID | severity | CVE Title |
|---|---|---|---|
| Azure Monitor Agent | CVE-2025-46747 | important | Azure Monitor Agent Elevation of Privilege Vulnerability |
| Dynamics 365 and Power Platform | CVE-2025-46014 | important | Dynamics 365 Customer Insights spoofing vulnerability |
| Dynamics 365 (on-premises) (v9.0) | CVE-2025-46018 | important | Dynamics 365 (On-Premises) Cross-Site Scripting Vulnerability |
| Dynamics 365 (on-premises) (v9.1) | CVE-2025-46019 | important | Dynamics 365 (On-Premises) Cross-Site Scripting Vulnerability |
| Host Integration Server (HIS) | CVE-2025-46743 | important | Host Integration Server remote code execution vulnerability |
| Microsoft BizTalk Server | CVE-2025-46743 | important | Host Integration Server remote code execution vulnerability |
| Microsoft Configuration Manager | CVE-2025-46709 | important | Microsoft Configuration Manager Elevation of Privilege Vulnerability |
| Dynamics 365 (on-premises) (v9.0) | CVE-2025-46015 | important | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
| Dynamics 365 (on-premises) (v9.1) | CVE-2025-46016 | important | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
| Microsoft Office 2019 | CVE-2025-46714 | important | Microsoft Office Spoofing Vulnerability |
| Microsoft Office 2019 | CVE-2025-46716 | important | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office 2019 | CVE-2025-46717 | important | Microsoft Office Spoofing Vulnerability |
| Microsoft Excel 2016 | CVE-2025-46718 | important | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel 2016 | CVE-2025-46719 | important | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel 2016 | CVE-2025-46720 | important | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel 2016 | CVE-2025-46721 | important | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel 2016 | CVE-2025-46722 | important | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel 2016 | CVE-2025-46723 | important | Microsoft Excel Information Disclosure Vulnerability |
| Microsoft Excel 2016 | CVE-2025-46724 | important | Microsoft Excel Information Disclosure Vulnerability |
| Microsoft SharePoint Server 2016 | CVE-2025-46012 | important | Microsoft SharePoint remote code execution vulnerability |
| Microsoft Word 2016 | CVE-2025-46715 | important | Microsoft Word remote code execution vulnerability |
| Windows 10 Version 1809 | CVE-2025-46702 | important | Microsoft Streaming Service proxy specification vulnerability |
| Windows 10 Version 1809 | CVE-2025-46741 | important | Microsoft Windows Home Networking Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46742 | important | Microsoft Windows Home Networking Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46700 | important | Active Directory Certificate Services Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46713 | important | Elevation of Privilege Vulnerability in Windows Ancillary Function Driver for WinSock |
| Microsoft OneDrive | CVE-2025-46751 | emergency | Microsoft OneDrive for Android Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46708 | important | Hyper-V Information Disclosure Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46710 | important | Hyper-V Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46008 | important | Denial of service vulnerability in Start-up Telemetry |
| Windows 10 Version 1809 | CVE-2025-46021 | important | Denial of service vulnerability in State Repository Service |
| Visual Studio 2022 | CVE-2025-46750 | emergency | Visual Studio remote code execution vulnerability |
| Windows 10 Version 1809 | CVE-2025-46011 | important | Windows Bind Filter Driver Spoofing Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46017 | important | Windows Bind Filter Driver Spoofing Vulnerability |
| Windows 10 Version 1809 | CVE-2025-42944 | important | Windows Codecs Library security feature bypass vulnerability |
| Windows 10 Version 1809 | CVE-2025-46003 | important | Windows Administrative Protection Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46010 | important | Elevation of Privilege Vulnerability in Windows Ancillary Function Driver for WinSock |
| Windows 10 Version 1809 | CVE-2025-46022 | important | Denial of Service Vulnerability in Windows Ancillary Function Driver for WinSock |
| Windows 10 Version 1809 | CVE-2025-46023 | important | Denial of Service Vulnerability in Windows Ancillary Function Driver for WinSock |
| Windows 10 Version 1809 | CVE-2025-46712 | important | Denial of Service Vulnerability in Windows Ancillary Function Driver for WinSock |
| Windows 10 Version 1809 | CVE-2025-46703 | important | Windows Bluetooth BthA2dp Driver information disclosure vulnerability |
| Windows 10 Version 1809 | CVE-2025-46704 | important | Windows Bluetooth RFCOMM Protocol Information Disclosure Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46707 | important | Windows Broadcast Driver File System Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46013 | important | Windows Broadcast User Service Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46006 | important | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46020 | important | Elevation of Privilege Vulnerability in Windows Common Log File System Driver |
| Microsoft Defender for IoT | CVE-2025-46000 | important | Windows Defender Elevation of Privilege Vulnerability |
| Microsoft Defender for IoT | CVE-2025-46001 | important | Windows Defender Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46711 | important | Windows DirectD Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46738 | emergency | Windows DirectD Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46739 | emergency | Windows DirectD Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46740 | emergency | Windows DirectD Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46007 | important | Windows License Manager Information Disclosure Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46009 | important | Windows License Manager Information Disclosure Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46705 | important | Windows OLE Remote Code Execution Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46005 | important | Windows Remote Access Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46706 | important | Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46725 | important | Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46726 | important | Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46727 | important | Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46701 | important | Windows Speech Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46737 | important | Windows Speech Elevation of Privilege Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46004 | important | Elevation of Privilege Vulnerability in Windows Subsystem for Linux |
| Windows 10 Version 1809 | CVE-2025-46002 | important | Windows TCP/IP Information Disclosure Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46749 | important | Windows TCP/IP Information Disclosure Vulnerability |
| Windows 10 Version 1809 | CVE-2025-46736 | important | Windows WLAN Service Elevation of Privilege Vulnerability |
In addition, the issue that occurred with the preview update 'KB5067036' released in October 2025, where the Task Manager window would not actually terminate even if it was closed , has been resolved in ' KB5068861 ,' which includes this security update.
In addition, KB5068781, the first Extended Security Update (ESU) for Windows 10, which will reach the end of support on October 15, 2025 (Japan time), has been released. However, an irregular update, KB5071959 , has also been released to address an issue where registration for this ESU could fail.
Windows Update is released on the second Tuesday of every month in the US, and the next update is scheduled to be available on Wednesday, December 9, 2025, Japan time.
Related Posts:
