Fortra's December 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.
Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 13 type confusion, inappropriate implementation, and use after free vulnerabilities.
Next on the list are patches for Microsoft Office, Word, Access, Outlook and Excel. These patches resolve 13 remote code execution vulnerabilities.
Up next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, spoofing, denial of service, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect Kernel, RRAS, Projected File System, MSMQ, Graphics, and various others.
Lastly, administrators should focus on server-side patches for SharePoint, Exchange, and Hyper-V. These patches resolve 4 issues including remote code execution, elevation of privilege, and spoofing vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Microsoft Edge (Chromium-based) | CVE-2025-13630, CVE-2025-13631, CVE-2025-13632, CVE-2025-13633, CVE-2025-13634, CVE-2025-13635, CVE-2025-13636, CVE-2025-13637, CVE-2025-13638, CVE-2025-13639, CVE-2025-13640, CVE-2025-13720, CVE-2025-13721 |
| Microsoft Office Excel | CVE-2025-62561, CVE-2025-62564, CVE-2025-62563, CVE-2025-62560, CVE-2025-62553, CVE-2025-62556 |
| Microsoft Office | CVE-2025-62557, CVE-2025-62554 |
| Microsoft Office Word | CVE-2025-62559, CVE-2025-62558, CVE-2025-62555 |
| Microsoft Office Access | CVE-2025-62552 |
| Microsoft Office Outlook | CVE-2025-62562 |
| Windows | CVE-2025-62569, CVE-2025-62469, CVE-2025-62468, CVE-2025-62571, CVE-2025-62470, CVE-2025-64671, CVE-2025-62465, CVE-2025-62463, CVE-2025-62573, CVE-2025-54100, CVE-2025-62461, CVE-2025-62570, CVE-2025-62457, CVE-2025-62454, CVE-2025-62221, CVE-2025-64670, CVE-2025-62458, CVE-2025-64673, CVE-2025-62466, CVE-2025-62565, CVE-2025-64658, CVE-2025-64661, CVE-2025-64679, CVE-2025-64680, CVE-2025-62462, CVE-2025-62464, CVE-2025-62467, CVE-2025-55233, CVE-2025-59517, CVE-2025-59516, CVE-2025-62572, CVE-2025-62473, CVE-2025-64678, CVE-2025-62549, CVE-2025-62455, CVE-2025-62456, CVE-2025-62472, CVE-2025-62474 |
| Windows Hyper-V | CVE-2025-62567 |
| Microsoft Office SharePoint | CVE-2025-64672 |
| Microsoft Exchange Server | CVE-2025-64666, CVE-2025-64667 |
Cybersecurity for Your Industry
Your industry is unique. Your cybersecurity stack should be, too. Fortra® offers cybersecurity solutions to meet the challenges and compliance requirements of industries around the world.
