Episode Details

Attackers don’t take holidays off. In this December Patch Tuesday episode, the Automox security team breaks down three high-impact vulnerabilities landing at the end of 2025. Ryan, Mat, and Seth unpack the React2Shell RCE hitting React Server Components, an Azure Monitor Agent flaw that turns the syslog user into a stealthy foothold, and a Windows File Explorer bug where a single click may trigger privilege escalation.

You’ll hear why light patch months aren’t always low-risk, how bundled dependencies can expose you even if you don’t “use” React, and why log pipelines remain a prime target for attackers looking to hide their tracks. The team also covers seasonal phishing trends and what to expect as skeleton crews head into the holidays.