To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Microsoft have recently released its December security update notice, there are 57 vulnerability updates this time.

The updates this time mainly cover the following components: Windows Cloud Files Mini Filter Driver, Windows Remote Access Connection Manager, Microsoft Office, etc. products vulnerabilities.

Details of the vulnerabilities: 

• Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62221

• Microsoft Office Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62557

• Microsoft Office Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62554

• Windows Storage VSP Driver Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-59517

• Windows Storage VSP Driver Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-59516

• Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62472

• Windows Common Log File System Driver Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62470

• Win32k Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62458

• Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62454

For more details about Microsoft December Updates, please refer to: https://msrc.microsoft.com/update-guide/releaseNote/2025-dec

If the relevant affected products are used, please install the security updates released by Microsoft as soon as possible. 

Reference

• How to download and install software in a secure manner?
• Basic Knowledge of Online Safety and Security
• Other Information Security Tips

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office