Recently, NSFOCUS CERT identified a critical remote code execution vulnerability in Microsoft’s Windows Server Update Service (WSUS), labeled CVE-2025-59287. This vulnerability arises from the failure of WSUS’s GetCookie function to conduct type verification on incoming objects. This oversight allows an unauthenticated attacker to exploit the server by deserializing malicious data, ultimately gaining remote code execution…

Microsoft has confirmed a significant issue with Kerberos and NTLM authentication on Windows 11 (versions 24H2 and 25H2) and Windows Server 2025 systems. The problem is attributed to devices sharing duplicate Security IDs (SIDs), which has resulted in widespread login failures. The issue emerged after users installed recent cumulative updates, including: August 29, 2025 (KB5064081)…

Microsoft is facing significant issues with its latest Windows 11 update, which has led to major technical problems for users. The update, identified as KB5066835, has disrupted localhost network connections, rendering many applications and web servers that depend on these connections inoperative. The company is already working on an emergency patch to rectify the situation.…

After installing the latest update KB5066835 for Windows 11, users have encountered significant issues with USB keyboards and mice failing to function in the Windows Recovery Environment (WinRE). This complication arises particularly when trying to access recovery options, such as repairing or resetting Windows, through recovery mode. Although these devices work fine during normal operation…

A new glitch introduced by the October update for Windows 11 is causing issues for users trying to access the Windows Recovery Environment (WinRE). This bug renders USB devices such as keyboards and mice unusable in WinRE, leaving users unable to navigate recovery options. The October Patch Tuesday update, which rolled out on October 14,…

Microsoft has acknowledged several significant issues arising from the Windows 11 KB5066835 update. This update, which is meant to enhance security and functionality, has inadvertently disrupted essential features for users running versions 24H2 or 25H2. One major drawback is its impact on localhost (127.0.0.1) HTTP/2 connections, hindering the ability of locally hosted applications to connect…

Microsoft has acknowledged that recent updates to Windows 11 (specifically the 24H2 and 25H2 versions) are causing issues with IIS (Internet Information Services) websites, which became apparent following October’s Patch Tuesday release. This problem arises from a conflict in the Windows HTTP stack driver (HTTP.sys), resulting in “ERR_CONNECTION_RESET” errors. Users may encounter these issues when…

Microsoft has confirmed a synchronization issue impacting Windows Server 2025, following the September 2025 security update (KB5065426). This bug specifically affects users of Entra Connect who are synchronizing large Active Directory (AD) security groups that exceed 10,000 members. This issue is connected to the same Patch Tuesday update that previously disrupted file and print sharing…

Microsoft’s October Patch Tuesday has revealed a significant wave of vulnerabilities, addressing 167 issues—the highest number fixed in a single release this year. Among these, seven vulnerabilities have been classified as critical, necessitating immediate attention from Chief Information Security Officers (CISOs). Key Vulnerabilities Windows Server Update Service (WSUS) Exploit CVE-2025-59287: This remote code execution vulnerability…