Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 183 flaws
Summary
Hide ▲
Show ▼
Microsoft's October 2025 Patch Tuesday marks the end of free security updates for Windows 10, with the release of the final cumulative update KB5066791. This update addresses 183 vulnerabilities, including six zero-day flaws, and is mandatory for all Windows 10 users. Extended Security Updates (ESU) are available for purchase for up to three years for enterprise users and one year for consumers. The patches cover a range of vulnerabilities, including critical remote code execution and elevation of privilege issues. The zero-day vulnerabilities affect various components, such as Windows SMB Server, Microsoft SQL Server, Windows Agere Modem Driver, Windows Remote Access Connection Manager, AMD EPYC processors, and TCG TPM 2.0. Some of these flaws have been publicly disclosed or actively exploited. The update also includes fixes for vulnerabilities in third-party components, such as IGEL OS and AMD EPYC processors. Additionally, Microsoft Office users should be aware of CVE-2025-59227 and CVE-2025-59234, which exploit the Preview Pane. The update is the largest on record for Microsoft, with 183 CVEs, pushing the number of unique vulnerabilities released so far this year to more than 1,021. The update includes fixes for a wide range of vulnerabilities, including remote code execution (RCE), elevation of privilege, data theft, denial of service (DoS), and security feature bypass issues. The update also marks the end of life for Windows 10, meaning Microsoft will no longer issue regular patches for vulnerabilities in the operating system as part of its regular Patch Tuesday updates. Exchange Server 2016, Exchange Server 2019, Skype for Business 2016, Windows 11 IoT Enterprise Version 22H2, and Outlook 2016 are also reaching end-of-life. Windows 10 users can opt for Extended Security Updates (ESU) for one year at a cost of $30, or install Linux as an alternative. Linux Mint is recommended for Windows 10 users transitioning to Linux, with compatibility for most computers from the last decade.
Timeline
-
15.10.2025 01:57 2 articles · 1d ago
Microsoft Office vulnerabilities CVE-2025-59227 and CVE-2025-59234 exploit Preview Pane
CVE-2025-59227 and CVE-2025-59234 are remote code execution bugs in Microsoft Office that exploit the Preview Pane, allowing attackers to execute code without the target opening the file. This vulnerability requires social engineering to trick the target into previewing a malicious email with an Office document.
Show sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
15.10.2025 01:57 2 articles · 1d ago
Microsoft Word automatically saves documents to OneDrive
Microsoft Word will now automatically save documents to OneDrive, with an option to disable this feature in Word's settings. This change affects all users, and guidance is provided for those who prefer not to use OneDrive for document storage.
Show sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
15.10.2025 01:57 2 articles · 1d ago
End-of-life for multiple Microsoft products, including Windows 10
Exchange Server 2016, Exchange Server 2019, Skype for Business 2016, Windows 11 IoT Enterprise Version 22H2, and Outlook 2016 are also reaching end-of-life. Windows 10 users can opt for Extended Security Updates (ESU) for one year at a cost of $30, or install Linux as an alternative. Linux Mint is recommended for Windows 10 users transitioning to Linux, with compatibility for most computers from the last decade.
Show sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
14.10.2025 21:02 6 articles · 1d ago
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
The final cumulative update for Windows 10 is KB5066791. This update addresses 183 vulnerabilities, including six zero-day flaws, and is mandatory for all Windows 10 users. The update includes fixes for issues with the Chinese Input Method Editor (IME), USER32 Edit controls, PowerShell Remoting, and WinRM. It also introduces a servicing stack update (SSU) with an updated certificate chain for Azure environment validation. The update removes the ltmdm64.sys driver, affecting fax modem hardware dependent on this driver. The update fixes an issue with SMBv1 protocol connectivity and Windows Autopilot Enrollment Status Page (ESP). The update is the largest on record for Microsoft, with 183 CVEs, pushing the number of unique vulnerabilities released so far this year to more than 1,021. The update includes fixes for a wide range of vulnerabilities, including remote code execution (RCE), elevation of privilege, data theft, denial of service (DoS), and security feature bypass issues. The article provides additional details on the zero-day vulnerabilities fixed in the October 2025 Patch Tuesday update, including CVE-2025-24990 in the Agere Modem driver and CVE-2025-59230 in Windows Remote Access Connection Manager. It also highlights critical vulnerabilities in Microsoft Office and the Windows Server Update Service (WSUS). The article discusses the end-of-life for multiple Microsoft products, including Windows 10, and offers alternatives for users, such as Extended Security Updates (ESU) and Linux. Additionally, it mentions the automatic saving of Microsoft Word documents to OneDrive and provides guidance for users who prefer not to use this feature. The article also details the active exploitation of three zero-day flaws: CVE-2025-59230 in the Windows Remote Access Connection Manager, CVE-2025-24990 in the Agere Modem driver, and CVE-2025-47827 in IGEL OS. The article discusses the removal of the Agere Modem driver due to security risks and the lack of a patch for CVE-2025-0033 in AMD EPYC processors. Additionally, it mentions the public disclosure of three zero-day vulnerabilities: CVE-2025-0033, CVE-2025-24052, and CVE-2025-2884.
Show sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
Information Snippets
-
Microsoft's October 2025 Patch Tuesday addresses 172 vulnerabilities.
First reported: 14.10.2025 21:025 sources, 6 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Six zero-day vulnerabilities are fixed, including two publicly disclosed and three actively exploited.
First reported: 14.10.2025 21:025 sources, 6 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Windows 10 reaches the end of support, with the last free security updates provided in this patch.
First reported: 14.10.2025 21:025 sources, 6 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Extended Security Updates (ESU) are available for Windows 10 for a fee.
First reported: 14.10.2025 21:025 sources, 6 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The patches include fixes for critical remote code execution and elevation of privilege vulnerabilities.
First reported: 14.10.2025 21:025 sources, 6 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The zero-day vulnerabilities affect various components, including Windows SMB Server, Microsoft SQL Server, Windows Agere Modem Driver, Windows Remote Access Connection Manager, AMD EPYC processors, and TCG TPM 2.0.
First reported: 14.10.2025 21:025 sources, 6 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Some of the zero-day flaws have been publicly disclosed or actively exploited.
First reported: 14.10.2025 21:025 sources, 6 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The update includes fixes for vulnerabilities in third-party components, such as IGEL OS and AMD EPYC processors.
First reported: 14.10.2025 21:025 sources, 5 articlesShow sources
- Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws — www.bleepingcomputer.com — 14.10.2025 21:02
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The final cumulative update for Windows 10 is KB5066791.
First reported: 14.10.2025 22:075 sources, 5 articlesShow sources
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Windows 10 22H2 will be updated to build 19045.6456, and Windows 10 21H2 will be updated to build 19044.6456.
First reported: 14.10.2025 22:074 sources, 4 articlesShow sources
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The update includes fixes for issues with the Chinese Input Method Editor (IME), USER32 Edit controls, PowerShell Remoting, and WinRM.
First reported: 14.10.2025 22:074 sources, 4 articlesShow sources
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The update introduces a servicing stack update (SSU) with an updated certificate chain for Azure environment validation.
First reported: 14.10.2025 22:074 sources, 4 articlesShow sources
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The update removes the ltmdm64.sys driver, affecting fax modem hardware dependent on this driver.
First reported: 14.10.2025 22:075 sources, 5 articlesShow sources
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The update fixes an issue with SMBv1 protocol connectivity and Windows Autopilot Enrollment Status Page (ESP).
First reported: 14.10.2025 22:074 sources, 4 articlesShow sources
- Final Windows 10 Patch Tuesday update rolls out as support ends — www.bleepingcomputer.com — 14.10.2025 22:07
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The October 2025 Patch Tuesday update is the largest on record for Microsoft, with 175 CVEs.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
This update pushes the number of unique vulnerabilities Microsoft has released so far this year to more than 1,021.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The update includes fixes for a wide range of vulnerabilities, including remote code execution (RCE), elevation of privilege, data theft, denial of service (DoS), and security feature bypass issues.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-59230 in Windows Remote Access Connection Manager allows privilege escalation to admin level.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-24990 in the Windows Agere modem driver allows system-level privilege escalation, and Microsoft has removed the driver.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-24052 is a publicly disclosed flaw in the Windows Agere modem service, with a proof-of-concept exploit available.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-47827 affects IGEL OS, enabling bypass of Secure Boot mechanisms, and a proof-of-concept exploit has been publicly available since May.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-59287 is an RCE bug in the Windows Server Update Service, which could compromise the patching infrastructure.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-55315 is a security-feature bypass in the ASP.Net Core framework, allowing attackers to view user credentials and change file contents.
First reported: 15.10.2025 00:534 sources, 4 articlesShow sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-59227 and CVE-2025-59234 are remote code execution bugs in Microsoft Office that exploit the Preview Pane.
First reported: 15.10.2025 01:573 sources, 3 articlesShow sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Microsoft Word will now automatically save documents to OneDrive, with an option to disable this feature.
First reported: 15.10.2025 01:571 source, 1 articleShow sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
-
Exchange Server 2016, Exchange Server 2019, Skype for Business 2016, Windows 11 IoT Enterprise Version 22H2, and Outlook 2016 are also reaching end-of-life.
First reported: 15.10.2025 01:573 sources, 3 articlesShow sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Windows 10 users can opt for Extended Security Updates (ESU) for one year at a cost of $30, or install Linux as an alternative.
First reported: 15.10.2025 01:573 sources, 3 articlesShow sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Linux Mint is recommended for Windows 10 users transitioning to Linux, with compatibility for most computers from the last decade.
First reported: 15.10.2025 01:573 sources, 3 articlesShow sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-59230 is a local elevation of privilege (EoP) bug in the Windows Remote Access Connection Manager, actively exploited and requiring no user interaction.
First reported: 15.10.2025 12:232 sources, 2 articlesShow sources
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-24990 is an EoP vulnerability in the third-party Agere Modem driver (ltmdm64.sys), which Microsoft has removed rather than patch.
First reported: 15.10.2025 12:232 sources, 2 articlesShow sources
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-47827 is a secure boot bypass bug affecting IGEL OS, with a proof-of-concept exploit available since May.
First reported: 15.10.2025 12:232 sources, 2 articlesShow sources
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-0033 is a critical vulnerability in AMD EPYC processors using Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP), for which there is no patch.
First reported: 15.10.2025 12:232 sources, 2 articlesShow sources
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-24052 is an EoP bug in the Agere Modem driver similar to CVE-2025-24990.
First reported: 15.10.2025 12:232 sources, 2 articlesShow sources
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-2884 is an out-of-bounds read vulnerability in TCG TPM2.0 that could result in information disclosure or denial of service.
First reported: 15.10.2025 12:232 sources, 2 articlesShow sources
- Last Windows 10 Patch Tuesday Features Six Zero Days — www.infosecurity-magazine.com — 15.10.2025 12:45
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
Microsoft released fixes for 183 security flaws across its products, including three actively exploited vulnerabilities.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The updates include eight non-Microsoft issued CVEs.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The majority of the vulnerabilities are elevation of privilege issues (84), with remote code execution (33), information disclosure (28), spoofing (14), denial-of-service (11), and security feature bypass (11) issues.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
The updates also address 25 vulnerabilities in the Chromium-based Edge browser since the September 2025 Patch Tuesday update.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-24990 is a Windows Agere Modem Driver elevation of privilege vulnerability actively exploited in the wild.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-59230 is a Windows Remote Access Connection Manager elevation of privilege vulnerability actively exploited in the wild.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-47827 is a Secure Boot bypass vulnerability in IGEL OS actively exploited in the wild.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-59287 is a critical remote code execution bug in Windows Server Update Service (WSUS).
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-2884 is an out-of-bounds read vulnerability in the Trusted Computing Group (TCG) TPM2.0 reference implementation.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-59295 is a remote code execution vulnerability in Windows URL Parsing.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-49708 is a privilege escalation flaw in Microsoft Graphics Component.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
-
CVE-2025-55315 is a security feature bypass in ASP.NET that allows attackers to smuggle malicious HTTP requests.
First reported: 15.10.2025 12:231 source, 1 articleShow sources
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23
Similar Happenings
F5 BIG-IP Source Code and Vulnerability Information Stolen in Cyberattack
F5 has released security updates to address 44 vulnerabilities, including those stolen in a breach detected on August 9, 2025. The company has not found evidence that the stolen information has been used in actual attacks or disclosed publicly. The breach was attributed to a highly sophisticated nation-state threat actor, and F5 has taken extensive actions to contain the threat. F5's BIG-IP is a critical product used in application delivery networking and traffic management by many large enterprises. The company has 23,000 customers in 170 countries, including 48 of the Fortune 50 entities. The breach did not compromise F5's software supply chain or result in suspicious code modifications. The company has validated the safety of BIG-IP releases through multiple independent reviews by leading cybersecurity firms and has advised users to apply the latest updates for BIG-IP and related products. The breach involved a nation-state threat actor gaining persistent, long-term access to F5's product development environment and engineering knowledge management platforms. F5 disclosed the breach on October 15, 2025, confirming that the attack was detected in August 2025. The threat actor exfiltrated files containing BIG-IP source code and information regarding undisclosed vulnerabilities. F5 has not found evidence of access to or exfiltration of data tied to its CRM, financial, support case management, or iHealth systems, nor the NGINX source code or product development environment. F5 has identified no evidence of modification to its software supply chain, including source code, build pipeline, and release pipeline. F5 has worked with multiple incident response firms and law enforcement to mitigate the event and believes it has contained the threat. F5 has rotated credentials, strengthened access controls, deployed improved inventory and patch management automation, integrated better monitoring and detection tools, and implemented enhancements to network security infrastructure. F5 advises customers to apply the latest BIG-IP updates and has shared guidance for hardening customers' systems. On October 15, 2025, CISA directed federal civilian executive branch (FCEB) agencies to inventory F5 BIG-IP products and apply updates where necessary. The US government has urged federal agencies to take immediate action after F5 revealed it had been breached by a nation-state actor. The US Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive demanding that federal agencies evaluate if the networked management interfaces are accessible from the public internet and apply updates from F5. CISA warned that the threat actor's access to the F5 development environment could enable it to conduct static and dynamic analysis to discover logical flaws, zero-day vulnerabilities, and targeted exploits. The Justice Department ordered a delay in public disclosure of the breach on September 12, 2025. F5 has improved internal security including access controls, inventory and patch management, network security, and monitoring of all software development platforms. Tom Kelermann, VP of cyber risk at Hitrust, argued that the F5 breach is likely to be the first stage in a supply chain campaign. Ilia Kolochenko, CEO of ImmuniWeb, agreed that the stolen IP could be used to craft zero-day exploits for subsequent APT campaigns.
Microsoft Releases October 2025 Patch Tuesday Updates for Windows 11
Microsoft has released Windows 11 cumulative updates KB5066835 and KB5066793 for versions 25H2/24H2 and 23H2. These updates address security vulnerabilities and various issues. The updates are mandatory as they include the October 2025 Patch Tuesday security patches. The updates fix several issues across different components, including browsers, gaming, PowerShell, Windows Hello, and more. Additionally, new features and improvements have been introduced, such as enhanced AI actions in File Explorer and improved accessibility features in Narrator. The updates also mark the second-to-last update for Windows 11 23H2, as its support ends in November 2025.
Legacy Operating Systems in Enterprise Networks
A recent analysis by runZero found that 8.56% of assets in enterprise networks are running end-of-life operating systems, with 5% of all observed assets already beyond security support as of September 30, 2025. This includes critical systems that cannot be upgraded due to compatibility issues. The upcoming end-of-life of Windows 10 on October 14, 2025, will significantly expand the attack surface, as one-third of all Windows systems worldwide are still running Windows 10. This situation poses a significant risk, as attackers can exploit vulnerabilities in these outdated systems, which will no longer receive security updates. Organizations need to be aware of the presence of these legacy systems and assess their security posture accordingly.
Microsoft to provide free Windows 10 security updates in EEA
Microsoft will offer free extended security updates for Windows 10 in the European Economic Area (EEA). The decision follows pressure from Euroconsumers, a consumer protection organization, and aims to ensure compliance with the Digital Markets Act (DMA). The updates will be available without requiring users to back up settings, apps, or credentials, or use Microsoft Rewards. Windows 10 support is set to end on October 14, 2025.
Steam to end support for 32-bit Windows in January 2026
Valve has announced that Steam will stop supporting 32-bit versions of Windows starting January 2026. This change affects a small fraction of users, as only 0.01% of Steam users are on 32-bit systems. The move is necessary because core Steam features rely on system drivers and libraries not supported on 32-bit Windows. Users are urged to upgrade to 64-bit versions of Windows to maintain compatibility and receive updates. Existing Steam installations on 32-bit systems will continue to function but will not receive further updates, including security patches. Microsoft has also announced that all versions of Windows 10 will reach end of support on October 14, 2025, with options for users to upgrade to Windows 11 or enroll in the Extended Security Updates (ESU) program.