Attackers Exploit Windows Server Flaw After Microsoft's Failed Patch

Cybercriminals exploit a Windows vulnerability, bypassing Microsoft's patch, risking malware spread via trusted updates.

By Content Team

Oct 27, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybercriminals are actively exploiting a critical Windows Server Update Services vulnerability that bypasses Microsoft's earlier patch from this month. The tech giant released an emergency fix Thursday for CVE-2025-59287, but researchers detected live attacks by Friday.

Over 2,800 vulnerable servers remain exposed online, with 28% located in the United States. Security firm Huntress has tracked five active attacks so far. The flaw affects software dating back to 2012 and allows attackers to gain complete system control without authentication.

The risk extends beyond individual servers—attackers could potentially push malware to entire networks disguised as legitimate Microsoft updates, turning trusted update systems into distribution weapons.

Source: CyberScoop

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Threaten Rockstar Games Over Grand Theft Auto VI Data Breach

Apr 14, 2026

Peabody Residents Receive Breach Notifications After Summer Hack

Feb 14, 2026

Chinese Hackers Hijacked Notepad++ Updates Through Hosting Provider Compromise

Feb 2, 2026

Foster City Declares Emergency After Ransomware Attack Shuts Down City Network

Mar 25, 2026