
WSUS Remote Code Execution Vulnerability (CVE-2025-59287)

Microsoft has released an urgent out-of-band security update to address a critical remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses a direct risk to organizations that use WSUS to manage Windows updates.

Severity level:-

CVSS Score: 9.8 / Critical.

Description:-

Windows Server Update Services (WSUS) is a widely used Microsoft tool for managing the distribution of updates in enterprise environments. CVE-2025-59287 is a critical deserialization of untrusted data vulnerability that may allow an unauthorized attacker to execute code on vulnerable machines by sending a specially crafted event to the WSUS server. No user interaction is required to trigger it.

Affected Versions:-

Windows Server 2012 through 2025 with WSUS role enabled.

Impact:-

Successful exploitation allows attackers to execute arbitrary code with System-level privileges.

Resolution:-

Please update to the latest patched versions of Windows Server as provided by Microsoft. If immediate patching is not feasible:

  • Disable the WSUS role temporarily.
  • Block inbound traffic to ports 8530 and 8531 to mitigate exposure.
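
The interim steps above can be checked and applied per server with a short script. The following is an added example, not part of the original advisory or Microsoft's guidance; the firewall rule name and the `-Apply` switch are assumptions chosen for illustration.

```powershell
# Added example: report WSUS exposure and, with -Apply, block inbound 8530/8531.
# Run from an elevated PowerShell session on the Windows Server being checked.
param(
    [switch]$Apply    # without -Apply the script only reports, it changes nothing
)

$ports    = 8530, 8531
$ruleName = 'Interim block WSUS inbound (CVE-2025-59287)'   # assumed rule name

# 1. Is the WSUS role (feature name UpdateServices) installed on this server?
$role = Get-WindowsFeature -Name UpdateServices
if (-not $role.Installed) {
    Write-Output 'WSUS role not installed: the affected condition is not met here.'
    return
}
Write-Output 'WSUS role is installed.'

# 2. Which of the two ports have a listener right now?
$listening = @(Get-NetTCPConnection -State Listen -LocalPort $ports -ErrorAction SilentlyContinue |
    ForEach-Object LocalPort | Sort-Object -Unique)
if ($listening.Count -gt 0) {
    Write-Output ("Listening on TCP: " + ($listening -join ', '))
} else {
    Write-Output 'Nothing is listening on TCP 8530/8531.'
}

# 3. Is the interim block rule already in place?
$rule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
if ($rule) {
    Write-Output "Firewall rule '$ruleName' exists (Enabled: $($rule.Enabled))."
} elseif ($Apply) {
    # A Block rule takes precedence over any existing Allow rule for these ports.
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Action Block `
        -Protocol TCP -LocalPort $ports -Profile Any | Out-Null
    Write-Output "Created firewall rule '$ruleName'."
} else {
    Write-Output 'No block rule present. Re-run with -Apply to create it.'
}
```

While the rule is in place, clients cannot reach this server for updates. Once the security update is installed, remove the rule with `Remove-NetFirewallRule -DisplayName` and the same name.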

Reference:-

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287

https://nvd.nist.gov/vuln/detail/CVE-2025-59287

https://thecyberexpress.com/microsoft-fixes-cve-2025-59287

https://www.bleepingcomputer.com/news/security/microsoft-releases-windows-server-emergency-updates-for-critical-wsus-rce-flaw