Microsoft has released its December security updates, covering 57 vulnerabilities across various components such as PowerShell, Projected File System, and Storage VSP Driver. The update also addresses moderate-severity issues in Edge on iOS devices and non-Microsoft vulnerabilities in Chromium-based web browsers like Edge. In addition to the security fixes, Microsoft has provided detailed information online about new features, including enhanced safety measures and improved transparency through machine-readable VEX files. The updates also include hotpatching for virtual machines running Windows Server Azure Edition, with Microsoft recommending Extended Security Updates (ESU) for older systems without ESU enabled.
Microsoft December 2025 Security Updates
Microsoft just released its December security updates. This month's batch covers 57 different CVEs, Microsoft Common Vulnerabilities and Exposures. Think of these as fixes for various weaknesses found within Windows building blocks, including parts like PowerShell, the Projected File System, and the Storage VSP Driver.
Also included in this release are patches fixing several moderate-severity issues specifically found in Edge on iOS devices. Separately, Microsoft addressed 13 non-Microsoft vulnerabilities. These primarily impact their Chromium-based web browsers (like Edge).
In addition to the security fixes, Microsoft has provided more detailed information online. Their blog post about new features and updates dives into enhanced safety measures and increased openness via something called machine-readable VEX files.
A notable feature added this time is hotpatching for virtual machines running Windows Server Azure Edition. This helps keep systems secure with less disruption. They're also beefing up their release notes to give clearer, more complete information about upcoming changes, which will help everyone understand what's being installed.
For the latest security goodness on Windows Server 2008 R2 and earlier Windows Server editions without Extended Security Updates (ESU) enabled, it is highly recommended to get those. ESU is necessary if you want Microsoft to continue providing security fixes for these older systems after their standard support has ended.
Finally, Microsoft's made some known problems publicly available on a tab in its update site. You can probably find information about them also via the Windows message center or through specific knowledge base articles like 5071413 and 5072033.
Security Update Guide - Microsoft Security Response Center
