Microsoft issued out-of-band security updates on Thursday to rectify a severe vulnerability within Windows Server Update Service (WSUS). The vulnerability, identified as CVE-2025-59287, has a CVSS score of 9.8, indicating its critical nature. It enables remote code execution and has a publicly available proof-of-concept exploit, which exacerbates the threat. Given its active exploitation, timely patching is paramount to protect systems.
The WSUS vulnerability had previously been addressed, but the emergence of PoC and its exploitation highlights the challenges in maintaining security. Organizations reliant on WSUS for updates must prioritize applying these security patches promptly to prevent potential breaches. Immediate action is needed to mitigate associated risks and ensure system integrity.
👉 Pročitaj original: The Hacker News
