Microsoft has over 175 vulnerabilities which require patches ASAP!

Darkreading.com reported that “With 63 unique CVEs, Microsoft's November security update is considerably slimmer than the company's record-busting patch rollout last month, which contained fixes for as many as 175 vulnerabilities.”  The November 11, 2025 article entitled “Patch Now: Microsoft Flags Zero-Day & Critical Zero-Click Bugs” (https://www.darkreading.com/vulnerabilities-threats/patch-now-microsoft-zero-day-critical-zero-click-bugs) included these comments:

November's rollout includes fixes for one actively exploited flaw, five that Microsoft rated as more likely to be targeted, and a single critical vulnerability, alongside the usual mix of privilege escalation, remote code execution (RCE), information disclosure, and denial-of-service (DoS) issues.

The zero-day bug that attackers are already exploiting is CVE-2025-62215 (CVSS 7.5). It affects the Windows Kernel, and it allows attackers who have already compromised a system to escalate privileges and gain admin-level rights. Microsoft identified the vulnerability as being tied to a race condition, which is something that allows attackers to manipulate the timing of specific operations.

Is anyone surprised?