A security update for Windows Server Update Service (WSUS) addressing a critical vulnerability has inadvertently disabled hotpatching on some Windows Server 2025 devices. Microsoft has halted the update for hotpatch-enrolled systems and released a new patch (KB5070893) that fixes the vulnerability without disrupting hotpatching. Administrators are advised to pause updates, install the new patch, and monitor their systems for continued security and stability.
A critical vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287, is actively exploited by threat actors across multiple organizations, despite Microsoft releasing an emergency patch. The flaw allows unauthenticated remote code execution, and attackers are conducting reconnaissance and data exfiltration, posing a significant risk to affected servers. Experts warn that the vulnerability's ease of exploitation and the patch's incomplete fix increase the threat landscape, urging organizations to apply updates promptly.
A critical remote code execution vulnerability in Microsoft WSUS (CVE-2025-59287) was actively exploited in the wild shortly after an emergency patch was released. The flaw allows unauthenticated attackers to execute arbitrary code on affected servers, primarily impacting systems with the WSUS role enabled. Microsoft recommends immediate patching or applying workarounds such as disabling the WSUS role or blocking high-risk ports to mitigate the risk.
Microsoft has issued an emergency security update for Windows Server to address a critical vulnerability (CVE-2025-59287) actively exploited in attacks, with urgent recommendations from the Cybersecurity and Infrastructure Security Agency for organizations to update immediately to prevent remote code execution threats.
Microsoft has issued an emergency security update for Windows Server due to a critical vulnerability (CVE-2025-59287) that is actively being exploited in attacks, with CISA warning federal agencies to apply the update immediately to prevent remote code execution and system compromise.
A critical vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287, has been exploited by attackers shortly after an emergency patch was issued. The flaw allows remote code execution and affects Windows Server versions 2012-2025. Despite Microsoft releasing a fix, security researchers warn that the patch may not fully mitigate the risk, and exploitation activity has been observed, especially targeting exposed WSUS instances. Experts advise organizations to ensure their systems are properly patched and not exposed to the internet to prevent compromise.
Microsoft released urgent out-of-band security updates for a critical WSUS vulnerability (CVE-2025-59287) that is actively being exploited in the wild, allowing remote code execution through unsafe deserialization. Users are advised to apply the patch immediately and follow recommended mitigations to prevent attacks.
Microsoft released a critical out-of-band update for Windows Server Update Services (WSUS) to fix a severe vulnerability (CVE-2025-59287) that allows remote code execution, affecting servers with the WSUS role enabled. The update is urgent, especially as WSUS is deprecated, prompting Microsoft to recommend switching to cloud-based solutions like Intune. A reboot is required, and administrators are advised to disable the role or block specific ports if immediate patching isn't possible.
A PoC exploit has been released for a critical vulnerability in Windows Server Update Services (CVE-2025-59287), allowing unauthenticated attackers to execute remote code with SYSTEM privileges by exploiting unsafe deserialization in the AuthorizationCookie handling. The flaw affects all supported Windows Server versions and poses a severe risk of widespread compromise, prompting Microsoft to urge immediate patching and mitigation measures.
