Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Microsoft October 2025 Patch Tuesday (183 fixes)

Security Patch Release
First reported
Last updated
Happening score
H score 59
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft released 183 security fixes across its products, including three vulnerabilities under active exploitation, creating a high-priority patch cycle for Windows and other Microsoft software. The release also coincided with the end of standard Windows 10 support unless devices are enrolled in ESU. CISA later added the exploited issues to its KEV catalog, reinforcing the urgency for affected systems.

Related Happenings

Microsoft security patch release for CVE-2026-45659

Security Patch Release
First: 26.05.2026 14:49 Last: 26.05.2026 14:49 Sources 1

About this happening: Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...

Open Happening

CERT-In 12-hour KEV remediation guidance

Advisory/Mitigation
First: 26.05.2026 13:30 Last: 26.05.2026 13:30 Sources 1

About this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...

Open Happening

CERT-In issues 12-hour patch guidance for Indian organizations

Public Sector Action
First: 26.05.2026 13:30 Last: 26.05.2026 13:30 Sources 1

About this happening: **CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...

Open Happening

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498

Security Patch Release
First: 21.05.2026 10:49 Last: 21.05.2026 10:49 Sources 1

About this happening: Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...

Latest development: 21.05.2026 12:52

Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.

Open Happening

Timeline

  1. 15.10.2025 12:23 2 articles · 7mo ago

    Microsoft releases 183 fixes and ends standard Windows 10 support

    Initial Disclosure

    Microsoft released fixes for 183 security flaws across its products, including CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827, which were already under active exploitation. The update also included 25 Chromium-based Edge fixes, and standard Windows 10 support ended unless devices are enrolled in the Extended Security Updates (ESU) program. The exploited issues were added to CISA's Known Exploited Vulnerabilities (KEV) catalog, with federal agencies required to apply the patches by November 4, 2025.

    Show sources
    Open in new tab