December 2025 News & Updates

Dec, Fri, 2025
nathan
CTC NEWS , Industry News , Mailing List , Monthly Newsletters

Upcoming End of Life for Windows Server 2016 – We’re officially under two years before the Windows Server 2016 End of Life (EOL), currently scheduled for 25 January 2027. This may seem like a long way off but, in most cases, the upgrade from Windows Server 2016 will require not only additional software licenses but also Client Access Licenses (CALs) and hardware and extensive planning to transition older systems off of the current Windows Server 2016 platform.
FortiGate 60E End of Service – The FortiGate 60E firewall / UTM will be out of service on 29 December, 2026. Clients who currently have a FortiGate 60E will be able to renew their security services until December of 2025 but will not be able to renew next year. Our recommendation for those with FortiGate 60E devices currently deployed is to renew for this year and plan to replace it prior to the expiration next year. The current replacement is the FortiGate 60F but there has been chatter that the FortiGate 60G may be released this year.
Client Forms – In an effort to make requesting support easier for common tasks (onboarding and offboarding users, for example), we are launching a number of forms that clients can use to request support. Links to the forms are located at the top of our website under Client Forms.

Holiday Schedule

Christmas – We will be closed on Wednesday, 24 December and Thursday, 25 December 2025 for the Christmas Holiday. We will re-open on Friday, 26 December 2025 at 9:00am (8:00am ET for MyIT Customers).

New Year – We will be closed on Wednesday, 31 December 2025 and Thursday, 1 January 2026 for the New Year Holiday. We will re-open on Friday, 2 January 2026 at 9:00am (8:00am ET for MyIT Customers).

Emergency support will be available for our Commercial and MyIT Customers at holiday rates ( See the How to Request Support and Hourly Rates sections of our FAQ page here https://www.ctc.co/faq ). All non-emergency support requests will be addressed by priority (See the Triage section of or FAQ page here https://www.ctc.co/faq ) in the order that they were received.

Updates

Microsoft released around 57 (or 56 or 57, depending on who you ask) in the last Patch Tuesday of 2025. According to Krebs, Microsoft has patched 1,129 vulnerabilities in 2025, making it the second consecutive year that they’ve patched more than 1,000 bugs and only the third time that they’ve patched more than 1,000 ever. There were three zero day vulnerabilities, patched, a privilege escalation vulnerability in the Windows Cloud Files Mini Filter Driver (CVE-2025-62221), GitHub Copilot for Jetbrains, an RCE (CVE-2025-64671) and another RCE in PowerShell (CVE-2025-54100) . Currently, only CVE-2025-62221 is being actively exploited.

Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or Critical, it’s important that the updates are installed.

Additional details on this months Microsoft updates are available from SANS Internet Storm Center, Krebs, AskWoody.com and Bleeping Computer .

Adobe has released five security bulletins this month, addressing vulnerabilities in a number of products including Cold Fusion, Experience Manager, DNG SDK, Acrobat Reader and Creative Cloud Desktop. The severity of the updates range from Important to Critical and users are encouraged to update as soon as possible.

Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc

Additional details are available from Adobe Here including links to download the update(s) and instructions for installation.

Honorable Mentions

Fortinet – Fortinet has posted a number of vulnerabilities in a number of products that we covered earlier here.

Need IT Support for your Home or Business? We’d love to help!

Are you a small to medium sized business looking to leverage technology and enable your business and workforce to work smarter and more efficiently? Do you already have computers, servers, firewalls, VPNs or other technology that you’re not taking full advantage of? Are you looking for an IT Service Provider who understands small to medium sized businesses needs and the challenges that we face that can work with you to grow your business rather than just sell you time?

Cyber Tech Cafe an IT Service Company with a focus on helping small to medium business get the most out of their technology investment. As a small business ourselves, we understand the challenges you face and have designed our service offerings to help you get the most out of your technology dollar. We offer on-call, as needed support if you just need a quick fix or extra set of hands right now. We also offer maintenance plans that we call “MyIT” that are designed to address the most common concerns (patch management, disaster recovery / backup, log review, etc.) that are based on the number of workstations and servers that you have and have no term contract. We believe that, if you find value in what we’re doing, you’ll find a way to keep us around without contract saying that you have to.

If you have questions about the MyIT plans or have an IT need that you need addressed right now, let us know. We look forward to the opportunity to earn your business.

Article Submitted by Nathan J. Underwood, CEH