#patch-management

[ follow ]
#cybersecurity #vulnerability #remote-code-execution #wsus #cve-2025-59287 #windows-server #adobe-patches
fromTheregister
1 week ago

Microsoft issues out-of-band patch for critical WSUS flaw

Microsoft has released an out-of-band update to patch a critical vulnerability in Windows Server Update Services (WSUS). The update addresses CVE-2025-59287">CVE-2025-59287, a remote code execution flaw affecting Windows Server versions 2012 through 2025. The vulnerability stems from insecure deserialization of untrusted data, allowing unauthenticated attackers to execute arbitrary code. A proof-of-concept exploit is publicly available. The vulnerability has been assigned a maximum severity level of "critical". Only servers with the WSUS role enabled are affected.
Information security
Information security
fromZero Day Initiative
2 weeks ago

Zero Day Initiative - The October 2025 Security Update Review

Adobe released 12 bulletins addressing 36 CVEs, including multiple Critical code-execution vulnerabilities in Substance 3D Stager, Dimension, Illustrator, Commerce, and FrameMaker.
Information security
fromSecurityWeek
1 month ago

Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers

A command-injection vulnerability in Libraesva ESG allows arbitrary shell command execution via crafted compressed email attachments; patches available for ESG 5.x while 4.x is discontinued.
Information security
fromTechzine Global
2 months ago

Authorities warn Citrix zero-days will likely be abused

Critical NetScaler vulnerabilities, including an actively exploited CVE-2025-7775 zero-day, enable system takeover, denial-of-service, and data access — immediate patching required.
#cybersecurity
more#cybersecurity
fromComputerWeekly.com
4 months ago

Citrix Bleed 2 under active attack, reports suggest | Computer Weekly

While no public reporting of exploitation for this vulnerability has emerged, ReliaQuest has observed indications of exploitation to gain initial access.
Information security
DevOps
fromComputerworld
5 months ago

Coming soon to enterprises: One Windows Update to rule them all

Microsoft aims to unify update management for Windows and apps, simplifying processes and reducing costs for system administrators.
fromTechzine Global
6 months ago

SAP patches zero-day vulnerability in NetWeaver, denies exploitation

ReliaQuest reported that multiple customers have been compromised via unauthorized file uploads to SAP NetWeaver, allowing remote code execution.
Information security
[ Load more ]