A serious security flaw called CVE-2025-62221 is under active attack. It affects the Windows Cloud Files Mini Filter Driver, which manages cloud-synced files like OneDrive. Microsoft has released a fix.

Error Details:

CVE-2025-62221: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Why This Error and Vulnerability Happens

This security flaw lives in the Cloud Files Mini Filter Driver (cldflt.sys), a Windows component that connects cloud storage services like OneDrive and Dropbox to File Explorer. The bug lets attackers run code that gives them full system access. Instead of basic user permissions, they can get SYSTEM-level control to install programs, access data, and create admin accounts.

Microsoft has confirmed active attacks using this vulnerability. It affects Windows 10 and 11 systems. See our Windows fixes page for the full list of affected versions.

Step-by-Step Fix: Apply the December 2025 Security Update

Microsoft released a fix in the December 9, 2025 security updates. Install the right update for your Windows version.

  • Identify Your Windows Version: Press Windows Key + R, type winver, press Enter. Note your version (like Windows 11 Version 23H2).
  • Install Updates via Windows Update:
  • Go to Settings > Windows Update
  • Click Check for updates
  • Install all updates, focusing on "Security Update" or "Cumulative Update" from December 9, 2025 or later
  • Restart when asked
  • For Managed Systems (Manual/WSUS): If you use WSUS or Microsoft Intune, push the December 2025 security update to all systems. Admins can use PowerShell scripts to check update status.
  • Verify the Fix: Check that it worked:
  • Open Settings > Windows Update > Update history
  • Find the December 2025 Security Update installation (KB number varies by Windows version)

Note on Post Type: This is a tracking post. We're watching the patch rollout and will update this article if needed.

Security Basics That Work

After patching:

  • Turn on Automatic Updates: This catches problems early
  • Lock Down User Rights: Give people only the access they need
  • Run Good Security Software: Keep antivirus and anti-malware current

Small businesses often struggle with updates and security settings. Our managed IT services handle patches and monitoring for you in Seattle and Tacoma.

Need help with updates or security? Contact us for quick support.