Digital.Nhs.Uk
Critical RCE Vulnerability in Windows Server Update Services Actively Exploited
First seen 2 Nov 2025, 16:14 UTC
•



+8
•78% similarity
•73.5
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Microsoft has released an out-of-band security update for a critical vulnerability, CVE-2025-59287, in Windows Server Update Services (WSUS) that allows unauthenticated remote code execution. The vulnerability, stemming from insecure deserialization of untrusted data, is being actively exploited in the wild, affecting multiple organizations, particularly in the U.S. Security agencies, including CISA, have urged immediate patching to mitigate potential attacks.
ThreatCluster AI