Cyber999 Advisories

16 November 2025     Advisory

MA-1403.112025: MyCERT Advisory - Security Updates Microsoft - November 2025


1.0 Introduction

Microsoft has released its November 2025 Patch Tuesday security updates addressing a total of 68 vulnerabilities across multiple products and services. The update includes one actively exploited zero-day vulnerability, five critical vulnerabilities, and 64 important vulnerabilities affecting core components such as Windows Kernel, Microsoft Office, Visual Studio, DirectX, SQL Server, Windows Hyper-V, and Edge (Chromium-based).

2.0 Impact

Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code, gain system privileges, expose sensitive information, or compromise system integrity.

3.0 Affected Products

Actively Exploited Zero-Days vulnerability

  • CVE-2025-62215 - Windows Kernel Elevation of Privilege

Critical Vulnerabilities

  • CVE-2025-60724 – GDI+ Component
  • CVE-2025-62199 – Microsoft Office 
  • CVE-2025-60716 – DirectX Graphics Kernel
  • CVE-2025-62214 – Visual Studio
  • CVE-2025-30398 – Nuance PowerScribe 360

4.0 Recommendations

CyberSecurity Malaysia encourages users and administrators to review the  Microsoft MSRC Security Update Guide  and apply the necessary updates.

Kindly refer to the following URL:  https://msrc.microsoft.com/update-guide/releaseNote/2025-Nov

Generally, we advise users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact Cyber999 Incident Response Centre through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 08:30 -17:30 MYT 
Web:  https://www.cybersecurity.my
 
5.0 References

logo
CyberSecurity Malaysia is the national cyber security specialist agency under the purview of the Ministry of Digital (KD)
 
Contact Us

  • CyberSecurity Malaysia,
    Level 7 Tower 1, Menara Cyber Axis, Jalan Impact,
    63000 Cyberjaya, Selangor Darul Ehsan, Malaysia.

  • enquiry@cybersecurity.my

  • +603 - 8800 7999

  • +603 - 8008 7000

TOP
ASK Byte
Chatbot Portal

Hi, I am ASK Byte. Please submit your questions about the portal and I will try to get answers from online knowledge stores.

Hi, Saya Admin Chatbot. Saya sedia chat dengan anda secara terus. Bagaimana saya boleh membantu anda?

Click the button below to interact with the CSM chatbot

Proceed