Microsoft has issued an emergency Windows server security patch to fix a critical severity flaw apparently abused in the wild.
As part of its most recent Patch Tuesday cumulative update (October 14, 2025), Microsoft addressed CVE-2025-59287, a “deserialization of untrusted data” flaw found in Windows Server Update Service (WSUS). WSUS allows IT admins to manage patching computers within their network. The flaw was given a severity score of 9.8/10 (critical), as it apparently allows for remote code execution (RCE) attacks.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox