
Microsoft confirmed 41 zero-day vulnerabilities during 2025
It has only been a matter of days since the U.S. Cybersecurity and Infrastructure Security Agency confirmed that Windows users were under attack from two zero-day exploits and urged federal users to update immediately. Here’s the thing, though: while a new report has revealed a total of 41 Microsoft zero-day vulnerabilities across 2025 that were addressed in Patch Tuesday rollouts, others remain unpatched at the time of writing. Yes, you read that right. So, millions of Microsoft users have a security update choice to make: is relying upon Patch Tuesday enough?
Microsoft Patched 41 Zero-Days — But It’s Not Good Enough
A new Tenable report has confirmed that Microsoft detailed and addressed more than 1,100 vulnerabilities during 2025 Patch Tuesday rollouts. That number included a total of 41 zero-day vulnerabilities. Of these, 24 were known to have been exploited in the wild at the time of the updates. Microsoft distinguishes between vulnerabilities that have been disclosed before a fix is available and those that have already been exploited, using the terms zero-day vulnerability and zero-day exploit.
However you define them, zero-days are never to be ignored. The stakes are, frankly, much too high. That goes for consumers and enterprises alike, as data of all denominations is valuable to cybercriminal hackers. When America’s Cyber Defense Agency confirmed that not only was CVE-2025-62221, a Windows cloud files mini-filter driver escalation-of-privilege vulnerability, being actively exploited, but also CVE-2025-6218, a WinRAR issue that only impacts Windows users and was patched in July, it served to highlight both the seriousness of zero-days and the problems of patching them. The December Patch Tuesday rollout fixed the first, but Windows users were not protected from the second unless they updated the application itself.
OK, so you might say that’s a bit of a stretch, Microsoft cannot be expected to address security issues in third-party applications. But what about its own zero-days that are left unpatched by official updates for far too long? Security researchers have just revealed that, while analyzing an already patched Windows Remote Access Connection Manager privilege escalation vulnerability, CVE-2025-59230, a new zero-day emerged. The original vulnerability was patched by Microsoft in October, while a company spokesperson told me that the latest one would be addressed by “a future fix.”
And that, dear reader, is where your decision comes to the fore. Do you wait for Microsoft to release a zero-day patch, perhaps by way of an out-of-band update rather than a scheduled Patch Tuesday release, or do you choose to proactively protect your networks, devices and data by using an alternative patching service?
Microsoft Users Must Now Decide If Patch Tuesday Is Protection Enough
The Windows RasMan zero-day I just mentioned is a great example to use when it comes to the patching choice facing Microsoft users. Are you happy to leave it in Microsoft’s hands and wait until it eventually drops a patch, or should you get proactive and patch it now? The latter is certainly possible, and for many otherwise exposed users it could be considered a must. You can read the report on that zero-day in an analysis published by the co-founder of the 0patch service, Mitja Kolsek. And it’s this service that provides the alternative, or rather an accompanying, solution to the zero-day patching problem.
0patch provides a commercial hot-patching platform, but what I’m interested in, and you should be as well, is the free offering that comes into play when there’s an unpatched Windows zero-day vulnerability out there. Hot patches are no-reboot security fixes that install in the background, applied to the in-memory code of already running processes. 0patch combines hot-patching with micro-patching, and makes these fixes available free of charge to anyone until Microsoft provides an official fix.