CVE-2025-59287

unknown KEV

Published 2025-10-24 · Modified 2025-10-24

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

2.5

Description

Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.

CISA KEV

Vendor: Microsoft
Product: Windows
Due date: 2025-11-14

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Microsoft Security Response Center · View original ↗ · proprietary-no-redistribution

Full prose not cached — VIR stores only structured fields (affected/fixed versions, references) for this source. Click "View original" above for the vendor's full advisory.

Affected

Vendor	Product	Version
microsoft	Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
microsoft	Windows Server 2008 R2 for x64-based Systems Service Pack 1
microsoft	Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
microsoft	Windows Server 2012
microsoft	Windows Server 2012 (Server Core installation)
microsoft	Windows Server 2012 R2
microsoft	Windows Server 2012 R2 (Server Core installation)
microsoft	Windows 10 for 32-bit Systems
microsoft	Windows 10 for x64-based Systems
microsoft	Microsoft Excel 2016 (32-bit edition)
microsoft	Microsoft Excel 2016 (64-bit edition)
microsoft	Microsoft PowerPoint 2016 (32-bit edition)
microsoft	Microsoft PowerPoint 2016 (64-bit edition)
microsoft	Microsoft Word 2016 (32-bit edition)
microsoft	Microsoft Word 2016 (64-bit edition)
microsoft	Microsoft Access 2016 (32-bit edition)
microsoft	Microsoft Access 2016 (64-bit edition)
microsoft	Microsoft Office 2016 (32-bit edition)
microsoft	Microsoft Office 2016 (64-bit edition)
microsoft	Windows Server 2016
microsoft	Office Online Server
microsoft	Windows 10 Version 1607 for 32-bit Systems
microsoft	Windows 10 Version 1607 for x64-based Systems
microsoft	Windows Server 2016 (Server Core installation)
microsoft	Microsoft SharePoint Enterprise Server 2016
microsoft	Windows 10 Version 1809 for 32-bit Systems
microsoft	Windows 10 Version 1809 for x64-based Systems
microsoft	Windows Server 2019
microsoft	Windows Server 2019 (Server Core installation)
microsoft	Microsoft Office 2019 for 32-bit editions

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Metasploit modules

exploit_windows/http/wsus_deserialization_rce rank 500

Windows Server Update Service Deserialization Remote Code Execution

Source fetch failed: fetch_error — view the original via the link above.

References

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-59287 ; https://nvd.nist.gov/vuln/detail/CVE-2025-59287

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.