Patch Tuesday: Microsoft EoP, Notepad++, Ivanti, Fortinet
"Let's start our look at Microsoft's relatively quiet final patch-a-thon for 2025 by considering CVE-2025-62221, a 7.8-CVSS-rated Windows Cloud Files Mini Filter Driver vulnerability that allows an authorized attacker to elevate privileges locally. This one was exploited as a zero-day, according to Redmond, and while we don't yet know who is abusing this security hole, "privilege escalation vulnerabilities are observed in almost every incident involving host compromises, making this a critical vulnerability to patch to limit an attacker's capabilities," Kev Breen, senior director of cyber threat research at Immersive, told The Register. To exploit this bug, an attacker must already have code execution rights on the targeted system, but assuming they've already achieved this, they can then abuse CVE-2025-62221 to escalate privileges and gain system-level access. So prioritize patching this one first."
"The two Redmond vulnerabilities listed as publicly known but not (yet) exploited are CVE-2025-54100, a PowerShell Remote Code Execution (RCE) flaw that earned a 7.8 CVSS rating, and CVE-2025-64671, an 8.4-severity GitHub Copilot for JetBrains bug that can lead to RCE. CVE-2025-64671 is listed as a local, but as Trend Micro's Zero Day Initiative chief bug hunter Dustin Childs noted: 'It's likely that a remote attacker could socially engineer someone to trigger the command injection.'"
December Patch Tuesday delivered 57 Microsoft CVEs, including one actively exploited zero-day: CVE-2025-62221, a 7.8 CVSS Windows Cloud Files Mini Filter Driver privilege-escalation vulnerability. The zero-day requires prior code execution to escalate privileges to system level, making it a top patch priority. Two other Microsoft flaws are publicly known: CVE-2025-54100 (PowerShell RCE, 7.8 CVSS) and CVE-2025-64671 (GitHub Copilot for JetBrains RCE, 8.4 severity), the latter of which could be triggered via social engineering. A critical Notepad++ bug is reportedly being abused by attackers in China. Ivanti and Fortinet also released critical product patches.
Read at The Register