Staying safe in a digital world

Understanding microsoft vulnerabilities

Microsoft vulnerabilities are weaknesses in Microsoft software that can be exploited by attackers. These vulnerabilities can allow attackers to gain unauthorized access to your computer, steal your data, or install malware. Just starting this blog. Need to learn how to add chronological page for more clear updates. 

 

November 23, 2025 -

Table of vulnerabilities

November 2025 Security Updates - Release Notes - Security Update Guide - Microsoft

 

Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being exploited. 

Affected products this month include the Windows OS, Office, SharePoint, SQL Server, Visual Studio, GitHub Copilot, and Azure Monitor Agent. The zero-day threat concerns a memory corruption bug deep in the Windows innards called CVE-2025-62215. Despite the flaw’s zero-day status, Microsoft has assigned it an “important” rating rather than critical, because exploiting it requires an attacker to already have access to the target’s device.

Microsoft patched a critical bug in Office — CVE-2025-62199 — that can lead to remote code execution on a Windows system. Alex Vovk, CEO and co-founder of Action1, said this Office flaw is a high priority because it is low complexity, needs no privileges, and can be exploited just by viewing a booby-trapped message in the Preview Pane.

 

 

November 30, 2025 - Some Microsoft windows problems this week to be aware of . 

Microsoft: Windows updates make password login option invisible

Microsoft has not released a workaround beyond using the invisible button functionality and said that it's working to resolve the problem, but has yet to provide a timeline for a fix.

However, it added that hovering over the space where the icon should appear reveals the button, allowing users to sign in with their password.

Microsoft warned users that Windows 11 updates released since August may cause the password sign-in option to disappear from the lock screen options, even though the button remains functional.

On Windows 11, the password icon appears only if multiple sign-in options (e.g., PIN, security key, password, fingerprint) are available. If you only use a password, the icon may not appear at all since Windows will just show the password field by default.

As Microsoft revealed in updated support documents this week, users with multiple sign-in options enabled may still not see the password icon on the lock screen if they installed the August 2025 KB5064081 non-security preview update or subsequent updates on Windows 11 24H2 and 25H2 systems.

Item 2 - PATCHING OVER AND OVER in windows 11

Microsoft rolls out emergency fix for Windows Update issue | PCWorld

Microsoft has begun rolling out update KB5072753, a new emergency out-of-band patch for Windows 11 that fixes a bug that was introduced in November’s KB5068966 update. The bug in question caused Windows Update to try to install the same update over and over again, even though it was already installed.

Microsoft describes the problem as follows: “After you install the November 2025 Hotpatch update (KB5068966) on Windows 11, version 25H2, Windows Update might download and install the update again. This doesn’t affect functionality. Only the update history will show the latest installation time.”

According to BleepingComputer, update KB5068966 is fully replaced by the newer out-of-band update KB5072753, so if you install the latter, you don’t need to install the former as well. Windows 11 users don’t need to take any action themselves, as Microsoft will automatically roll out KB5072753 to all Windows 11 25H2 machines via Windows Update.