Tag

Cve 2025 59287

All articles tagged with #cve 2025 59287

technology3 months ago•2 min saved

Microsoft and Google Warn of Active WSUS and Windows Service Exploits

A security update for Windows Server Update Service (WSUS) addressing a critical vulnerability has inadvertently disabled hotpatching on some Windows Server 2025 devices. Microsoft has halted the update for hotpatch-enrolled systems and released a new patch (KB5070893) that fixes the vulnerability without disrupting hotpatching. Administrators are advised to pause updates, install the new patch, and monitor their systems for continued security and stability.

via BleepingComputer|

#cve-2025-59287 #hotpatching #security-update

security4 months ago•4 min saved

Microsoft WSUS Vulnerability Under Active Attack, Urgent Updates Issued

A critical vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287, is actively exploited by threat actors across multiple organizations, despite Microsoft releasing an emergency patch. The flaw allows unauthenticated remote code execution, and attackers are conducting reconnaissance and data exfiltration, posing a significant risk to affected servers. Experts warn that the vulnerability's ease of exploitation and the patch's incomplete fix increase the threat landscape, urging organizations to apply updates promptly.

via theregister.com|

#cve-2025-59287 #cybersecurity #exploitation

security4 months ago•6 min saved

Active Exploitation of Critical Windows Server Update Service Vulnerability

A critical remote code execution vulnerability in Microsoft WSUS (CVE-2025-59287) was actively exploited in the wild shortly after an emergency patch was released. The flaw allows unauthenticated attackers to execute arbitrary code on affected servers, primarily impacting systems with the WSUS role enabled. Microsoft recommends immediate patching or applying workarounds such as disabling the WSUS role or blocking high-risk ports to mitigate the risk.

via Unit 42|

#active-exploitation #cve-2025-59287 #microsoft-patch

technology4 months ago•3 min saved

Microsoft Releases Urgent Windows Update Amid Rising Attacks

Microsoft has issued an emergency security update for Windows Server to address a critical vulnerability (CVE-2025-59287) actively exploited in attacks, with urgent recommendations from the Cybersecurity and Infrastructure Security Agency for organizations to update immediately to prevent remote code execution threats.

via Forbes|

#cve-2025-59287 #cyberattack #microsoft

technology4 months ago•2 min saved

Microsoft Releases Urgent Patch for Active Windows Server WSUS Exploits

Microsoft has issued an emergency security update for Windows Server due to a critical vulnerability (CVE-2025-59287) that is actively being exploited in attacks, with CISA warning federal agencies to apply the update immediately to prevent remote code execution and system compromise.

via Forbes|

#cve-2025-59287 #cybersecurity #security-vulnerability

security4 months ago•3 min saved

Active Exploitation of Critical Windows Server WSUS Vulnerability Prompts Urgent Patch

A critical vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287, has been exploited by attackers shortly after an emergency patch was issued. The flaw allows remote code execution and affects Windows Server versions 2012-2025. Despite Microsoft releasing a fix, security researchers warn that the patch may not fully mitigate the risk, and exploitation activity has been observed, especially targeting exposed WSUS instances. Experts advise organizations to ensure their systems are properly patched and not exposed to the internet to prevent compromise.

via theregister.com|

#cve-2025-59287 #exploitation #patch-update

technology4 months ago•3 min saved

Microsoft Releases Urgent Patch for Critical WSUS Vulnerability Exploited in the Wild

Microsoft released urgent out-of-band security updates for a critical WSUS vulnerability (CVE-2025-59287) that is actively being exploited in the wild, allowing remote code execution through unsafe deserialization. Users are advised to apply the patch immediately and follow recommended mitigations to prevent attacks.

via The Hacker News|

#active-exploitation #cve-2025-59287 #microsoft-wsus-vulnerability

technology4 months ago•1 min saved

Microsoft Releases Urgent Patch for Actively Exploited WSUS Vulnerability

Microsoft released a critical out-of-band update for Windows Server Update Services (WSUS) to fix a severe vulnerability (CVE-2025-59287) that allows remote code execution, affecting servers with the WSUS role enabled. The update is urgent, especially as WSUS is deprecated, prompting Microsoft to recommend switching to cloud-based solutions like Intune. A reboot is required, and administrators are advised to disable the role or block specific ports if immediate patching isn't possible.

via theregister.com|

#cve-2025-59287 #remote-code-execution #security-patch

technology4 months ago•2 min saved

PoC Exploit Unveiled for Windows Server Update Services RCE Flaw

A PoC exploit has been released for a critical vulnerability in Windows Server Update Services (CVE-2025-59287), allowing unauthenticated attackers to execute remote code with SYSTEM privileges by exploiting unsafe deserialization in the AuthorizationCookie handling. The flaw affects all supported Windows Server versions and poses a severe risk of widespread compromise, prompting Microsoft to urge immediate patching and mitigation measures.

via CyberSecurityNews|

#cve-2025-59287 #cybersecurity #poc-exploit