CISA issues alert after botched Windows Server patch exposes critical flaw
A critical WSUS vulnerability (CVE-2025-59287) enabling unauthenticated remote code execution is being actively exploited worldwide despite an initial Microsoft fix.
Microsoft issues out-of-band patch for critical WSUS flaw
A critical remote code execution vulnerability in WSUS affects Windows Server 2012–2025; immediate patching or mitigations are required for WSUS-enabled servers.
Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability
Critical WSUS RCE (CVE-2025-59287, CVSS 9.8) with public PoC is under active exploitation; Microsoft released out-of-band patches for affected Windows Server versions.
Microsoft fixes the fixes that broke Windows tools
In addition to clients running Windows 11 v23H2 and Windows 11 v22H2, the bug affected systems running Windows Server 2022 and Windows Server 2019.