Category: Blog

PKCERT Issues Alert: High-Risk Vulnerability Discovered in Microsoft Windows Server
Pakistan’s national cyber-incident response body, the Pakistan Computer Emergency Response Team (PKCERT), has raised the alarm over a critical security vulnerability in Microsoft Windows Server Update Services (WSUS). This software is essential for organizations to manage and distribute updates across their computer networks. The vulnerability stems from an unsafe deserialization of the WSUS Authorisation Cookie,…

Action1 Enhances Microsoft Intune: Unified Cross-Platform Patching and Risk-Based Vulnerability Management Revealed at Microsoft Ignite 2025
Action1, a leading provider of autonomous endpoint management (AEM) solutions, has announced significant updates that enhance Microsoft Intune’s capabilities in patching and vulnerability management. These new integrations aim to fill critical security gaps by providing extensive third-party application patching, along with real-time visibility and risk-based vulnerability prioritization across various operating systems including Windows, macOS, and…

Russian APT Exploits Windows Hyper-V for Enhanced Persistence and Malware Deployment
Cyberespionage groups are consistently innovating to secure long-term access to compromised systems, exemplified by the Russian APT group known as Curly COMrades. This group has recently been documented employing a novel method to hide their malware tools by deploying Linux-based virtual machines (VMs) on infected Windows 10 machines. According to researchers from Bitdefender, the attackers…

Microsoft Suspends KB5070881 Update Following Hotpatch Issues on Windows Server 2025
Microsoft recently faced challenges following the release of emergency update KB5070881, intended to address a critical vulnerability in Windows Server Update Services (WSUS), known as CVE-2025-59287. IT administrators reported that this update inadvertently disrupted Hotpatching for some instances of Windows Server 2025, causing significant concern. In a statement regarding the update, Microsoft acknowledged that a…

Windows Server Update Service Exploitation: At Least 50 Victims Impacted
At least 50 organizations in the U.S. have been targeted by attacks exploiting a significant vulnerability in Windows Server Update Services (WSUS), according to cybersecurity firm Sophos. This vulnerability, identified as CVE-2025-59287, involves the deserialization of untrusted data. A security update released by Microsoft in mid-October failed to protect against these threats, prompting…

Microsoft Releases Security Update to Fix Critical Vulnerability in Windows Server Services
Microsoft has issued a critical security update aimed at addressing a remote code execution vulnerability that affects multiple versions of Windows Server Update Services (WSUS). This vulnerability had not been fully resolved in a prior update, prompting the intervention from the Cybersecurity and Infrastructure Security Agency (CISA). CISA is urging organizations to follow Microsoft’s guidance…

Understanding the Recent Attacks on Microsoft Windows Server Update Service: Essential Information You Need to Know
Windows Server 2025 is currently vulnerable to a Remote Code Execution exploit through the Windows Update Service, with Microsoft yet to provide a complete fix. Reports indicate that a prior attempt to patch the vulnerability failed to prevent exploitation, and this contradicts Microsoft’s claim that the issue hadn’t been publicly disclosed. The exploit, similar to…

CISA Adds Actively Exploited WSUS Vulnerability to KEV List: What You Need to Know
Network defenders are urged to address a newly discovered critical vulnerability in Windows Server Update Services (WSUS) that is currently being exploited. Microsoft released an out-of-band update to rectify this issue last Thursday, coinciding with reports from Huntress of threat actors actively targeting WSUS instances accessible through their default ports, 8530 and 8531. The vulnerability,…

Exploited in the Wild: Windows Server Update Services Bug Poses a Security Threat
Security researchers at Huntress have detected the real-time exploitation of a remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287, which Microsoft recently addressed with an out-of-band security patch. WSUS is a crucial tool employed by enterprise administrators to manage and distribute updates throughout corporate networks. The vulnerability arises from…

Urgent Alert: Hackers Targeting Critical Vulnerability in Windows Server Update Service
Security researchers are raising alarms about a serious vulnerability in Microsoft Windows Server Update Services (WSUS) that hackers have been exploiting. This vulnerability, identified as CVE-2025-59287, stems from the deserialization of untrusted data, potentially allowing intruders to execute unauthorized code. The threat landscape is concerning. Reports from Huntress indicate that attackers are already taking advantage…