Microsoft October 2025 Patch Tuesday update (175 CVEs)
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft's October Patch Tuesday release closed 175 CVEs, including two actively exploited zero-days and multiple flaws the company expects attackers to target. The update affects a wide range of Microsoft products, so exposed and unmanaged systems face immediate risk if the fixes are delayed. It is the largest Microsoft Patch Tuesday in recent memory and arrives as Windows 10 reaches end of life for regular security patches.
Related Happenings
Microsoft YellowKey patch release (CVE-2026-45585)
Security Patch Release
H score20
First: 11.06.2026 20:43
Last: 11.06.2026 20:43
Sources 1
About this happening:
Microsoft's **Patch Tuesday** updates this week patched **YellowKey (CVE-2026-45585)**, closing a **Windows BitLocker** bypass that could expose protected volumes. The vendor rele...
Microsoft YellowKey patch release (CVE-2026-45585)
Security Patch ReleaseAbout this happening: Microsoft's **Patch Tuesday** updates this week patched **YellowKey (CVE-2026-45585)**, closing a **Windows BitLocker** bypass that could expose protected volumes. The vendor rele...
Microsoft security patch release for CVE-2026-42897
Security Patch Release
H score44
First: 10.06.2026 16:44
Last: 10.06.2026 16:44
Sources 1
About this happening:
**Microsoft** released **June 2026 Security Updates** for **Exchange Server 2016**, **Exchange Server 2019**, and **Exchange Server Subscription Edition (SE)** to fix **CVE-2026-4...
Microsoft security patch release for CVE-2026-42897
Security Patch ReleaseAbout this happening: **Microsoft** released **June 2026 Security Updates** for **Exchange Server 2016**, **Exchange Server 2019**, and **Exchange Server Subscription Edition (SE)** to fix **CVE-2026-4...
Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)
Security Patch Release
H score40
First: 10.06.2026 12:57
Last: 10.06.2026 12:57
Sources 1
About this happening:
**Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.
Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)
Security Patch ReleaseAbout this happening: **Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.
Microsoft June 2026 Patch Tuesday record 206-vulnerability update
Security Patch Release
H score55
First: 10.06.2026 12:38
Last: 10.06.2026 12:38
Sources 1
About this happening:
Microsoft shipped a **record 206-vulnerability** update for its software portfolio, including **three publicly disclosed flaws**. The release spans **Critical** and **Important**...
Microsoft June 2026 Patch Tuesday record 206-vulnerability update
Security Patch ReleaseAbout this happening: Microsoft shipped a **record 206-vulnerability** update for its software portfolio, including **three publicly disclosed flaws**. The release spans **Critical** and **Important**...
Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes
Security Patch Release
H score15
First: 10.06.2026 02:11
Last: 10.06.2026 02:11
Sources 1
About this happening:
**Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...
Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes
Security Patch ReleaseAbout this happening: **Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...
Timeline
-
15.10.2025 00:53 3 articles · 8mo ago
Microsoft October 2025 Patch Tuesday release
Initial DisclosureMicrosoft's October 2025 Patch Tuesday security update delivered 175 CVEs across Windows and other products, including CVE-2025-59230 and CVE-2025-24990, two zero-days already being actively exploited, plus three previously disclosed issues and more than a dozen flaws Microsoft considers likely exploitation targets.
Show sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
- Microsoft fixes highest-severity ASP.NET Core flaw ever — www.bleepingcomputer.com — 17.10.2025 18:35
-
15.10.2025 00:53 1 articles · 8mo ago
Active exploitation of Windows and IGEL OS zero-days
Exploitation ObservedAttackers were already exploiting CVE-2025-59230 in Windows Remote Access Connection Manager and CVE-2025-24990 in the Windows Agere modem driver, while CVE-2025-47827 in IGEL OS had a public proof of concept since May and was also described as actively exploitable.
Show sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
-
15.10.2025 00:53 1 articles · 8mo ago
Microsoft removes the Agere modem driver
Mitigation Patch UpdateMicrosoft removed the Windows Agere modem driver ltmdm64.sys through the October cumulative update to block the exploitation path tied to the modem-service flaws, and Microsoft advised removing existing dependencies on that hardware because Agere modems using the driver would no longer work on Windows.
Show sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53
-
15.10.2025 00:53 1 articles · 8mo ago
Windows 10 reaches end of regular patching
Legal Policy Action UpdateThe October Patch Tuesday cycle marked Windows 10 end of life for regular security patches, meaning Microsoft will no longer issue routine Patch Tuesday fixes for the operating system even though it still holds a large share of the desktop Windows market.
Show sources
- Microsoft Drops Terrifyingly Large October Patch Update — www.darkreading.com — 15.10.2025 00:53