Read, Watch or Listen

Microsoft confirmed an emergency fix for CVE-2025-59287 after CISA said attacks are already underway against Windows Server. The flaw in the Windows Server Update Service enables remote code execution over the network; servers without the WSUS role are not vulnerable. CISA gave certain federal agencies two weeks to comply and urged all organizations to: identify vulnerable servers, apply the out-of-band update released October 23, 2025, and reboot. If patching must wait, disable the WSUS role and block inbound traffic on ports 8530 and 8531. Don't revert workarounds until after updating.

Prepared by Jonathan Pierce and reviewed by editorial team.