Security researchers are raising alarms about a serious vulnerability in Microsoft Windows Server Update Service (WSUS) that hackers have been exploiting. This vulnerability, identified as CVE-2025-59287, stems from the deserialization of untrusted data, potentially allowing intruders to execute unauthorized code. The threat landscape is concerning. Reports from Huntress indicate that attackers are already taking advantage…

Microsoft recently issued out-of-band patches to address a critical vulnerability in the Windows Server Update Service (WSUS), identified as CVE-2025-59287. This vulnerability, known for allowing remote code execution with SYSTEM privileges, was not fully rectified by earlier patches released on October 14. As a result, attackers have begun exploiting this flaw in the wild following…

Microsoft has recently issued out-of-band security updates to address a critical-severity vulnerability in the Windows Server Update Service (WSUS), identified as CVE-2025-59287. This vulnerability, rated at a CVSS score of 9.8, allows for remote code execution through a flaw originally patched during last week’s Patch Tuesday. The exploitation of this vulnerability is particularly concerning as…

In recent days, reports have surfaced regarding a critical bug in the Windows Recovery Environment (WinRE) that renders USB devices non-functional. Microsoft has already issued a patch for this specific issue, but now it has also addressed another significant problem impacting multiple versions of Windows. According to Microsoft’s Windows Release Health dashboard, a fix is…

After a recent mandatory security update for Windows 11 caused disruptions, Microsoft has implemented a hotfix to resolve these issues. The problematic update, released on October 14, affected several systems, disabling mice and keyboards in recovery mode and network connections for locally hosted applications. Additionally, it led to problems with file previews in Windows Explorer.…

In recent days, a troubling bug concerning the Windows Recovery Environment (WinRE) has surfaced, rendering USB devices ineffective. Microsoft has already addressed a related issue with a patch targeting this specific problem. Furthermore, the company has introduced a fix for a broader issue affecting smart card authentication present in various Windows editions following the installation…

Recently, NSFOCUS CERT identified a critical remote code execution vulnerability in Microsoft’s Windows Server Update Service (WSUS), labeled CVE-2025-59287. This vulnerability arises from the failure of WSUS’s GetCookie function to conduct type verification on incoming objects. This oversight allows an unauthenticated attacker to exploit the server by deserializing malicious data, ultimately gaining remote code execution…

Microsoft has confirmed a significant issue with Kerberos and NTLM authentication on Windows 11 (versions 24H2 and 25H2) and Windows Server 2025 systems. The problem is attributed to devices sharing duplicate Security IDs (SIDs), which has resulted in widespread login failures. The issue emerged after users installed recent cumulative updates, including: August 29, 2025 (KB5064081)…

Microsoft is facing significant issues with its latest Windows 11 update, which has led to major technical problems for users. The update, identified as KB5066835, has disrupted localhost network connections, rendering many applications and web servers that depend on these connections inoperative. The company is already working on an emergency patch to rectify the situation.…