Microsoft Patches Critical WSUS Vulnerability in Windows Server

25 Oct 2025

Microsoft has released urgent patches for a critical vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) impacting Windows Server versions 2012 through 2025. The flaw, resulting from insecure deserialization of data, exposes servers to remote code execution threats.

Vulnerability Details and Exploitation

The vulnerability allows unauthenticated attackers to execute arbitrary code, compromising WSUS servers. Security researcher Kevin Beaumont successfully demonstrated the exploit, highlighting the risk of tampered updates being pushed to clients. While Microsoft issued an initial patch on 2023-10-14, further mitigation was required, leading to an out-of-band patch.

The US CISA has added this vulnerability to its catalog of known exploits, while the Dutch National Cybersecurity Center has reported exploitation activity. Security firms Huntress and WatchTowr noted attacks beginning around 2023-10-23, primarily targeting WSUS instances on default ports 8530/8531.

Advisory and Risk Assessment

Attackers have used this vulnerability to execute commands, harvest information, and exfiltrate data through proxy networks. According to Huntress, fewer than 25 susceptible hosts were publicly exposed, but WatchTowr identified over 8,000 potentially vulnerable instances, including those within high-value organizations.

Microsoft has assured that customers using the latest updates are protected and urges administrators to apply these patches immediately. It is also recommended to avoid exposing WSUS servers to the public internet to mitigate risk further.

Mitigation and Recommendations

Administrators are advised to implement the latest security patches as a priority measure. Complementary to this, companies should assess network exposure and secure WSUS deployments to prevent exploitation.

  • The critical WSUS vulnerability was identified by CVE-2025-59287 as a deserialization issue.
  • Microsoft's patch was initially released on 2023-10-14, with further mitigation issued as an out-of-band patch.
  • Exploitation was first noted around 2023-10-23, targeting default ports 8530/8531.
  • Huntress reported less than 25 exposed vulnerable hosts.
  • More than 8,000 instances are at risk according to WatchTowr.

Update: 25 Oct 2025

Top charts for Desktop Windows

uTorrent

uTorrent

Latest update uTorrent download for free for Windows PC or Android mobile

5
1032 reviews
7508549
downloads
Zona

Zona

Latest update Zona download for free for Windows PC or Android mobile

4
614 reviews
1735268
downloads
WinRAR

WinRAR

Streamline file management with fast compression, secure your documents, and save space.

5
735 reviews
746701
downloads
Minecraft

Minecraft

Shape environments, explore vast worlds, and survive against monsters with endless creativity.

5
750 reviews
495406
downloads

News and reviews for Desktop Windows

Visio 2021 Professional Now $9.97 Until February 8

Visio 2021 Professional Now $9.97 Until February 8

Microsoft offers Visio 2021 Professional for $9.97, down from $249, with added templates, until February 8.

Read more
Code Vein Offers Stylish Combat, Discounted Editions

Code Vein Offers Stylish Combat, Discounted Editions

Code Vein captivates with anime-style combat and offers discounted editions. Fast-paced action meets fun builds in this cult classic.

Read more
Microsoft Phases Out RC4 in Kerberos for Windows Security

Microsoft Phases Out RC4 in Kerberos for Windows Security

Microsoft to eliminate RC4 in Kerberos by July 2026, enhancing Windows security.

Read more
Highguard Faces Criticism but Shows Potential for Growth

Highguard Faces Criticism but Shows Potential for Growth

Highguard, launched with controversy, holds potential despite poor reviews. Offering genre innovation, it aims to evolve against negative feedback.

Read more
PS2Recomp Boosts Native PS2 Games with Recompilation

PS2Recomp Boosts Native PS2 Games with Recompilation

PS2Recomp, a new tool, promises enhanced native PS2 game ports, sparking interest among developers for PC platforms.

Read more
NVIDIA Introduces RTX Remix Logic for Classic Game Mods

NVIDIA Introduces RTX Remix Logic for Classic Game Mods

NVIDIA's RTX Remix Logic, launched on 2026-01-27, enables dynamic modding of classic PC games with a no-code node-based interface.

Read more
Windows 11 Update KB5074109 Affects Legacy Modems

Windows 11 Update KB5074109 Affects Legacy Modems

The Windows 11 update KB5074109 disrupts modems by removing several legacy drivers, causing connectivity issues for select users.

Read more
Anytype Replaces Notion, Obsidian, and Todoist for Unified Workflow

Anytype Replaces Notion, Obsidian, and Todoist for Unified Workflow

Anytype consolidates Notion, Obsidian, and Todoist functions, reducing context-switching and improving workflow efficiency.

Read more
ReBlade: Cyberpunk Roguelike Announced by ChillyRoom

ReBlade: Cyberpunk Roguelike Announced by ChillyRoom

ReBlade from ChillyRoom and Spiral Up Games announced for PC: cyberpunk roguelike offers high-speed action in a dystopian setting.

Read more
Artorias Battles Elden Ring Bosses in New Video Showcase

Artorias Battles Elden Ring Bosses in New Video Showcase

Artorias from Dark Souls faces Elden Ring bosses, demonstrating impressive skills in Fights' YouTube video.

Read more
All article