News Connectz

Hackers exploiting critical vulnerability in Windows Server Update Service

10/24/2025 No comments yet
Summarize this post with AI
ChatGPT Gemini Claude Perplexity Copilot
Z3m6ly9kaxzlc2l0zs1zdg9yywdll2rpdmvpbwfnzs9nawnyc29mdc1ibgrnlmpwzw.webp.webp

Security researchers are warning that cyber threat actors are abusing a critical vulnerability in Microsoft Windows Server Update Service. 

The vulnerability, tracked as CVE-2025-59287, involves deserialization of untrusted data and could allow intruders to execute code without authorization.

Researchers at Huntress said they have seen attackers exploiting the vulnerability in four different customers’ networks. 

Senior security researcher John Hammond described the attack as a simple “point-and-shoot” technique, noting that the recent release of a proof of concept made the attack trivially accessible for any hacker to launch. 

Microsoft issued out-of-band security updates on Thursday to address the vulnerability. “We rereleased this CVE after identifying that the initial update did not fully mitigate the issue,” a Microsoft spokesperson told Cybersecurity Dive. 

Experts urged organizations to immediately apply the new patch.

“The currently trending WSUS vulnerability is a critical issue that should receive top priority for patching in any environment,” Jimi Sebree, senior security researcher at Horizon3.ai, told Cybersecurity Dive. “Its presence is due to how juicy of a target the service is.”

Hackers who compromise the service can move laterally inside a system and obtain significant additional access, Sebree said.

The Windows Server Update Service allows IT administrators to manage the deployment of Microsoft product updates across their computer systems. 

The Cybersecurity and Infrastructure Security Agency on Friday added the vulnerability to its Known Exploited Vulnerabilities catalog.

In an advisory released late Friday, CISA urged users to identify servers that are vulnerable to exploitation and immediately apply the upgrades. These servers have WSUS Server Role enabled and ports open to 8530/8531, according to CISA.

Researchers at Arctic Wolf said they were tracking a threat campaign that might be related to the vulnerability, although they said they could not confirm a link 

Source link

Post Views: 51

Leave a Reply

Your email address will not be published. Required fields are marked *

Related posts

Technology Connectz

Switchable 2D–3D display through a metasurface lenticular lens

04/23/2026 No comments yet

Dodgson, N. A. Autostereoscopic 3D displays. Computer 38, 31–36 (2005). Article  Google Scholar  Lee, B. Three-dimensional displays, past and present. Phys. Today 66, 36–41 (2013). Article  CAS  Google Scholar  Willemsen, O. H., De Zwart, S. T., Hiddink, M. G. H. & Willemsen, O. 2-D/3-D switchable displays. J. Soc. Inf. Display 14, 715–722 (2006). Article  Google […]

Technology Connectz

Performance Technology: New Guidelines for Responsible use in NCAA

04/22/2026 No comments yet

How metabolic testing supports responsible use of performance technology in the NCAA (National Collegiate Athletic Association) while prioritizing student-athlete health and well-being. Introduction Collegiate athletics programs are rapidly adopting athlete monitoring technologies. These tools can provide valuable insights into performance, recovery, return to play decisions and training load. Dr. Deena Caseiro, CMO of  NCAA recently […]