Microsoft issues emergency Windows Server updates to patch WSUS vulnerability with proof-of-concept exploit
Microsoft has issued out-of-band (OOB) security updates to address a critical vulnerability in Windows Server Update Services (WSUS), following the release of publicly available proof-of-concept (PoC) exploit code.
WSUS, a Microsoft tool used by IT administrators to manage and distribute Windows updates across networks, was impacted by the flaw tracked as CVE-2025-59287.
Originally patched during this month’s Patch Tuesday, the remote code execution (RCE) vulnerability affects only Windows servers with the WSUS Server Role enabled—a configuration that is not active by default.
Attackers can remotely exploit the bug in low-complexity attacks requiring no user interaction, gaining SYSTEM privileges on unpatched servers. Microsoft warns the issue could be wormable between WSUS servers.
The company clarified that servers without the WSUS role enabled are safe, but enabling the role without applying the patch first exposes them to attack.
Further details = CVE-2025-59287 – Security Update Guide – Microsoft – Windows Server Update Service (WSUS) Remote Code Execution Vulnerability

Blogger at www.systemtek.co.uk
