Critical Zero-Day Flaws Fixed By Microsoft, Notepad on December Patch Tuesday

December 11, 2025Source: The Register

Found this useful? Share it with your network

December's Patch Tuesday saw significant updates from top tech firms, notably Microsoft, which addressed 57 critical vulnerabilities (CVEs), including one zero-day exploit that could allow local privilege escalation through the Windows Cloud Files Mini Filter Driver. This poses a serious threat as attackers with existing code execution can escalate their access to system-level controls. Notepad++ also responded to an active security risk that allowed traffic hijacking from its updater, emphasizing the need for stringent validation processes in software updates. These vulnerabilities highlight the ongoing challenges in securing healthcare technology systems, which often rely on software integrations that can be targeted by cyber threats.

Read Full Article

Opens on The Register

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News