Microsoft has released its December 2025 security updates, and here’s what you need to know:

What’s in the update?

• Fixes for 57 security vulnerabilities across Windows and Microsoft products.
• Includes 3 zero-day vulnerabilities (issues that attackers are already exploiting or are publicly known).

Why this matters,

Unpatched systems can be targeted by attackers, leading to data breaches or system compromise.

Key Zero-Day Issues

1. Windows Cloud Files Mini Filter Driver – Could allow attackers to gain full system control.
2. GitHub Copilot for JetBrains – Command injection vulnerability.
3. PowerShell Invoke-WebRequest – Remote code execution risk when visiting malicious sites.

What you need to do

• You will receive a prompt from Endpoint Central when your device is ready to reboot to complete the update.
• Please reboot as soon as possible when prompted. This ensures the security patches are fully applied.

Our IT team is managing the deployment, but timely reboots are critical to keep our systems secure.

Thank you for your cooperation!