Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287

Source: All CISA Advisories | Added:

Microsoft has released an out-of-band security update to address a critical remote code execution vulnerability, CVE-2025-59287, affecting Windows Server Update Service (WSUS) across multiple Windows Server versions. Organizations are strongly urged to apply the update to mitigate the risk of unauthenticated actors gaining system privileges remotely.

Impact: Windows Server (2012, 2016, 2019, 2022, and 2025)

In the Wild: Yes

Age: Newly disclosed

Remediation: Identify vulnerable servers, apply the security update, reboot WSUS servers, and if unable to update, disable WSUS Server Role or block inbound traffic to ports 8530/8531.

Windows CVE Microsoft Vulnerability Update

Read Full Original Article →