Currently, attackers are targeting Windows 11 and Windows Server 2022, among others. Therefore, administrators should ensure that Windows Update is active on their systems and that the latest security patches are installed.

Prepare for Attacks

In addition to Windows, the developers have also closed vulnerabilities in Azure and Office, among others. In the worst case, attackers can execute malicious code remotely and thus completely compromise PCs. This could happen, for example, via two publicly known vulnerabilities in GitHub Copilot for Jetbrains (CVE-2025-64671 "high") and PowerShell (CVE-2025-54100 "high"). Attacks can be anticipated at these points.

The currently exploited vulnerability (CVE-2025-62221 "high") in the Cloud Files Mini Filter Driver affects various Windows and Windows Server versions, including current releases. If attacks are successful, attackers gain system privileges. They typically then use this position to gain full control over computers. How and to what extent the attacks are carried out is currently unknown.

Microsoft classifies three more code execution vulnerabilities in Office (CVE-2025-62554 "high", CVE-2025-62557 "high") and Outlook (CVE-2025-62562 "high") as particularly dangerous.

Further Dangers

Furthermore, the developers have closed several vulnerabilities in DirectX, Brokering File System, and Excel, among others. Additionally, attacks on Azure and Hyper-V are possible. In these cases, attackers can gain elevated privileges or execute their own code. Microsoft lists further information on the vulnerabilities and patches in the Security Update Guide.

(des)

Don’t miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.