![Patch [FIX] Tuesday – December 2025 [React2Shell, Holiday Distractions, and High-Risk RCEs], E26](https://img.transistorcdn.com/DSzCr2RBCuYvUp0Z5L76uophZQ-KwJNwoQb_ZYWWDrs/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS81NWQ5/OTMzNzhhNTAxYTJl/N2ExMTQzYzczMjNl/NTAxNS5wbmc.jpg)
Patch [FIX] Tuesday – December 2025 [React2Shell, Holiday Distractions, and High-Risk RCEs], E26
Audio is streamed directly from the publisher (media.transistor.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Attackers don’t take holidays off. In this December Patch Tuesday episode, the Automox security team breaks down three high-impact vulnerabilities landing at the end of 2025. Ryan, Mat, and Seth unpack the React2Shell RCE hitting React Server Components, an Azure Monitor Agent flaw that turns the syslog user into a stealthy foothold, and a Windows File Explorer bug where a single click may trigger privilege escalation.
You’ll hear why light patch months aren’t always low-risk, how bundled dependencies can expose you even if you don’t “use” React, and why log pipelines remain a prime target for attackers looking to hide their tracks. The team also covers seasonal phishing trends and what to expect as skeleton crews head into the holidays.