Microsoft Issues Emergency Patch for Critical Windows Server Bug

Microsoft issues an emergency patch for a critical Windows Server flaw (CVE-2025-59287) as hackers exploit the vulnerability in the wild.

By Content Team

Oct 25, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Microsoft released an emergency patch Thursday for a critical Windows Server vulnerability that's already being exploited by hackers. The flaw, CVE-2025-59287, affects the Windows Server Update Service (WSUS) and earned a severe 9.8 security rating.

The bug allows attackers to remotely execute code on vulnerable systems through unsafe object deserialization. Microsoft's initial October patch was incomplete, prompting the emergency fix after cybersecurity firms spotted active attacks targeting exposed WSUS servers on ports 8530 and 8531.

CISA added the vulnerability to its Known Exploited Vulnerabilities catalog Friday. Organizations can temporarily protect themselves by disabling the WSUS Server Role or blocking traffic to the affected ports.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Critical SmarterMail Vulnerability Allows Remote Code Execution

Dec 30, 2025

Microsoft Patches 6 Actively Exploited Zero-Days in February Security Update

Feb 11, 2026

UK Companies in Middle East Face Rising Cyber Threats from Iran

Mar 3, 2026

Iran-Linked Hackers Disrupt Medical Giant Stryker's Global Operations

Mar 13, 2026