#windows-server

[ follow ]
#microsoft #cve-2025-59287 #wsus #patch-tuesday #binaryformatter #remote-code-execution #patch-management
Information security
fromThe Hacker News
1 week ago

Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability

Critical WSUS RCE (CVE-2025-59287, CVSS 9.8) with public PoC is under active exploitation; Microsoft released out-of-band patches for affected Windows Server versions.
fromTheregister
1 week ago

Microsoft issues out-of-band patch for critical WSUS flaw

Microsoft has released an out-of-band update to patch a critical vulnerability in Windows Server Update Services (WSUS). The update addresses CVE-2025-59287">CVE-2025-59287, a remote code execution flaw affecting Windows Server versions 2012 through 2025. The vulnerability stems from insecure deserialization of untrusted data, allowing unauthenticated attackers to execute arbitrary code. A proof-of-concept exploit is publicly available. The vulnerability has been assigned a maximum severity level of "critical". Only servers with the WSUS role enabled are affected.
Information security
fromCSO Online
2 months ago

Microsoft fixes the fixes that broke Windows tools

Apart from affected clients running Windows 11 v23H2 and Windows 11 v22H2, the bug affected systems running Windows Server 2022 and Windows Server 2019.
Information security
#microsoft
more#microsoft
[ Load more ]