Microsoft issues patches for 56 security flaws - all 'important' severity or above

• Microsoft Patch Tuesday fixes 56 vulnerabilities, including one actively exploited zero-day
• Key flaws: CVE-2025-62221 privilege escalation, Copilot RCE, PowerShell Invoke-WebRequest RCE
• Updates bring Copilot UI tweaks, File Explorer fixes, and PowerShell warnings

Microsoft has released this month’s Patch Tuesday cumulative update, fixing a total of 56 vulnerabilities found across the Windows ecosystem. All of the bugs are labeled at least ‘important’ in severity, and one of them is being actively exploited in the wild as a zero-day.

In the security advisory, which lists all of the vulnerabilities fixed (and which can be found on this link) Microsoft said it addressed a use-after-free vulnerability in Windows Cloud Files Mini Filter Driver, which allows threat actors to locally elevate privileges.

This vulnerability, which is allegedly exploited in the wild already, is now tracked as CVE-2025-62221, and has a severity score of 7.8/10 (high).