Critical RCE Vulnerability in Windows Server Update Services Actively Exploited

Critical RCE Vulnerability in Windows Server Update Services Actively Exploited

First seen 2 Nov 2025, 16:14 UTC HuntressDigital.Nhs.UkTheregisterCisecurityDarkreading+8 78% similarity 73.5

Article Content

Browse articles
ThreatCluster

Microsoft has released an out-of-band security update for a critical vulnerability, CVE-2025-59287, in Windows Server Update Services (WSUS) that allows unauthenticated remote code execution. The vulnerability, stemming from insecure deserialization of untrusted data, is being actively exploited in the wild, affecting multiple organizations, particularly in the U.S. Security agencies, including CISA, have urged immediate patching to mitigate potential attacks.

ThreatCluster AI

Community

Browse all →