CVE-2025-62221
Microsoft Windows Use After Free Vulnerability
CVSS
—
No CVSS
EPSS
2.4%
p82
KEV
YES
Dec 9, 2025
Exploit Today
75
0-100
Published: — · Last modified: —
Product
Microsoft / Windows
Vulnerability
Microsoft Windows Use After Free Vulnerability
Added to KEV
Dec 9, 2025
Remediate by
Dec 30, 2025
Known ransomware use
No
Summary description
Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-62221 ; https://nvd.nist.gov/vuln/detail/CVE-2025-62221