"Microsoft has released an out-of-band update to patch a critical vulnerability in Windows Server Update Services (WSUS). The update addresses CVE-2025-59287">CVE-2025-59287, a remote code execution flaw affecting Windows Server versions 2012 through 2025. The vulnerability stems from insecure deserialization of untrusted data, allowing unauthenticated attackers to execute arbitrary code. A proof-of-concept exploit is publicly available. The vulnerability has been assigned a maximum severity level of "critical". Only servers with the WSUS role enabled are affected."
"Microsoft recommends admins unable to immediately patch should disable the role on affected servers - although this will obviously prevent client updates from the server. Or they can choose to block inbound traffic to ports 8530 and 8531 on the host firewall to stop WSUS working. The update is cumulative and includes October's patches if not yet installed. A reboot is required."
"WSUS is on the deprecated list for Windows Server, which means it is no longer being actively developed but remains a supported part of the operating system. Microsoft recently confirmed it would continue supporting driver update synchronization to WSUS following user outcry over plans to end support in April 2025. However Microsoft's message to administrators is clear: switch to an alternative like its cloud-based Intune service."
Microsoft released an out-of-band update to patch CVE-2025-59287, a critical remote code execution flaw in Windows Server Update Services (WSUS) affecting Windows Server 2012 through 2025. The flaw is caused by insecure deserialization of untrusted data and allows unauthenticated attackers to execute arbitrary code; a proof-of-concept exploit is publicly available. Only servers with the WSUS role enabled are affected. Administrators unable to patch immediately should disable the WSUS role or block inbound traffic to ports 8530 and 8531. The update is cumulative, includes October's patches if missing, and requires a reboot. WSUS is deprecated and Microsoft recommends switching to cloud-based alternatives like Intune.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]