"critical patches issued for microsoft products, december 9, 2025 critical patches issued for microsoft products, december 9, 2025 ms - isac advisory number : 2025 - 113date ( s ) issued : 12 / 09 / 2025overview : multiple vulnerabilities have been discovered in microsoft products…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1068Exploitation for Privilege Escalation
51%
"refs ) - windows win32k - grfx - windows projected file system filter driver - windows directx - windows client - side caching ( csc ) service - windows defender firewall service - microsoft brokering file system - windows common log file system driver - windows remote access con…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1078.001Default Accounts
43%
"application programming interface ( api ), hosted services, and physical premise controls ; frequency ; limitations, such as acceptable hours, and excluded attack types ; point of contact information ; remediation, such as how findings will be routed internally ; and retrospectiv…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1078.001Default Accounts
35%
"enterprise assets and software, such as root, administrator, and other pre - configured vendor accounts. example implementations can include : disabling default accounts or making them unusable. - safeguard 5. 5 : establish and maintain an inventory of service accounts : establis…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.