wsus

Microsoft has pushed an emergency out‑of‑band patch to close a critical remote‑code‑execution flaw in Windows Server Update Services (WSUS) — tracked as CVE‑2025‑59287 — and federal and industry bodies are warning that attacks exploiting the bug are already underway, making immediate action...

Microsoft has pushed an out‑of‑band security update to close a critical remote‑code‑execution flaw in Windows Server Update Services (WSUS) — tracked as CVE‑2025‑59287 — after initial fixes did not fully mitigate the risk, and federal guidance now treats unpatched WSUS hosts as immediate...

CISA has added two high‑risk entries to its Known Exploited Vulnerabilities (KEV) Catalog, naming CVE‑2025‑54236 — an Improper Input Validation flaw in Adobe Commerce and Magento — and CVE‑2025‑59287 — a Deserialization of Untrusted Data vulnerability in Microsoft’s Windows Server Update Service...

Microsoft’s October Patch Tuesday rollout cratered into an operational crisis for many Windows 11 users and administrators after the October 14 cumulative update (KB5066835) introduced multiple high‑impact regressions — most notably rendering USB keyboards and mice useless inside the Windows...

Microsoft has released an out‑of‑band emergency update to patch a critical remote‑code‑execution vulnerability in Windows Server Update Services (WSUS) — tracked as CVE‑2025‑59287 — and administrators must treat every WSUS host as a top‑tier remediation priority until it is patched or safely...

Microsoft has released an out‑of‑band emergency patch to fix a critical remote code execution vulnerability in Windows Server Update Services (WSUS) — tracked as CVE‑2025‑59287 — and every WSUS host must be treated as a top‑tier remediation priority until it is patched or isolated. The flaw is a...

Microsoft pushed an out‑of‑band update this week to plug a critical remote code execution flaw in Windows Server Update Services (WSUS), closing a CVE that lets unauthenticated actors trigger unsafe deserialization and run arbitrary code on WSUS hosts — a high‑risk pathway to large‑scale...

Microsoft pushed an out‑of‑band emergency update on October 23, 2025 to fix a critical remote code execution vulnerability in Windows Server Update Services (WSUS), tracked as CVE‑2025‑59287, and administrators must treat WSUS hosts as a top‑tier remediation priority until every affected server...

Microsoft’s October Patch Tuesday is one of the heaviest and most consequential security rollouts of the year — a sprawling cumulative that fixes roughly 167–175 vulnerabilities across Windows, Office, .NET, SQL Server, Exchange and related components, and includes multiple zero‑day...

BornCity — known in English as Born's IT and Windows Blog — has quietly become one of the most reliable German-language trackers of Microsoft servicing drama in 2025, producing timely, technically detailed coverage of everything from the Windows 10 end-of-support transition to errant cumulative...

Microsoft’s October Patch Tuesday landed as a watershed software-security event: the company shipped fixes for an extraordinarily large set of vulnerabilities — widely reported as between 167 and 175 CVEs in a single cycle — including multiple actively exploited zero‑day elevation‑of‑privilege...

Microsoft rolled out its October 2025 Patch Tuesday updates across supported Windows channels today, shipping the security cumulatives for Windows 11 (two packages) and the final public security update for consumer Windows 10 installs — while also marking the scheduled end of support for Office...

Windows administrators and security teams are facing an urgent, two‑pronged wake‑up call after October’s Patch Tuesday: Microsoft shipped a massive set of updates that both removes a decades‑old in‑box modem driver and closes a critical, pre‑authentication remote code execution (RCE) in Windows...

Microsoft’s October security rollup closed a critical, high‑impact remote code execution bug in Windows Server Update Services (WSUS) — tracked as CVE‑2025‑59287 — and the implications for enterprise update pipelines are severe: the flaw permits unsafe deserialization of untrusted input in WSUS...

Microsoft’s October 2025 Patch Tuesday delivered one of the largest and most consequential security refreshes of the year: Microsoft released fixes covering roughly 167 CVEs in a single update cycle, patched two zero-day elevation-of-privilege (EoP) bugs that were exploited in the wild, and...

Microsoft’s October Patch Tuesday landed like a seasonal scare: this round of updates addresses roughly between 167 and 175 Microsoft CVEs (counts vary by tracker), plus a tranche of non‑Microsoft fixes from Adobe, SAP and Ivanti — and it includes multiple vulnerabilities that are already being...

Microsoft quietly published KB5067019 — a Safe OS (WinRE) Dynamic Update for Windows 11, versions 22H2 and 23H2, dated October 14, 2025, renewing attention on a set of small-but-critical “backstage” packages that harden recovery and setup flows for devices that still run these builds. The update...

Microsoft has published KB5054156 — a tiny enablement package (eKB) that flips on Windows 11, version 25H2 for devices already running the fully patched 24H2 servicing baseline, turning a months‑worth of staged feature binaries into an active release with minimal downtime and a single restart in...

Microsoft has begun the staged rollout of the Windows 11 25H2 update — an incremental, enablement-package-based release that unlocks a raft of AI-enhanced capabilities, a redesigned Start menu, richer lock‑screen widgets, improved energy and recovery tools, and targeted enterprise manageability...

BornCity’s report that some Windows Server 2016 installations have not been offered updates since August 2025 landed as a practical alarm for administrators running aging on‑premises servers: several readers and community posts describe machines that stopped seeing cumulative updates and new...