Attackers have started exploiting CVE-2025-59287, a critical vulnerability in Windows Server Update Services, shortly after Microsoft issued a patch deemed insufficient. The speed of exploitation indicates a high-risk landscape for affected organizations, especially those with instances exposed to the internet. Research indicates that over 2,800 instances of the vulnerable software are currently reachable online, primarily in the U.S.
The vulnerability allows attackers to potentially undermine the entire patch distribution system, leveraging system-level control to execute supply-chain attacks by pushing malware disguised as legitimate updates. Security experts emphasize the urgency for organizations to apply updated fixes and secure their systems, with the Cybersecurity and Infrastructure Security Agency also alerting businesses. Given the nature of the attack, even modest environments are at risk, warranting immediate attention to system configurations and patch updates.
👉 Pročitaj original: CyberScoop
