{"id":331585,"date":"2025-10-25T13:09:13","date_gmt":"2025-10-25T13:09:13","guid":{"rendered":"https:\/\/www.europesays.com\/us\/331585\/"},"modified":"2025-10-25T13:09:13","modified_gmt":"2025-10-25T13:09:13","slug":"act-now-microsoft-issues-emergency-windows-update-as-attacks-begin","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/us\/331585\/","title":{"rendered":"Act Now \u2014 Microsoft Issues Emergency Windows Update As Attacks Begin"},"content":{"rendered":"<p><img decoding=\"async\" class=\" top-image\" src=\"https:\/\/www.europesays.com\/us\/wp-content\/uploads\/2025\/10\/1761397753_588_960x0.jpg\" alt=\"Microsoft logo on smartphone.\" data-height=\"2554\" data-width=\"3832\" fetchpriority=\"high\" style=\"position:absolute;top:0\"\/><\/p>\n<p>Windows Server is under attack, act now.<\/p>\n<p>SOPA Images\/LightRocket via Getty Images<\/p>\n<p>Hot on the heels of a <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/24\/update-now---google-issues-emergency-fix-for-35-billion-chrome-users\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/24\/update-now---google-issues-emergency-fix-for-35-billion-chrome-users\/\" target=\"_self\" aria-label=\"Chrome emergency security update\" rel=\"nofollow noopener\">Chrome emergency security update<\/a> issued by Google,  Microsoft has now also confirmed an emergency fix for a critical Windows vulnerability. Acting now is paramount as the Cybersecurtity and Infrastructure Security Agency has warned that attacks are already underway. Here\u2019s what you need to know and do about CVE-2025-59287.<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-1\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/24\/paypal-users-warned-do-not-pay-do-not-phone-as-attackers-strike\/\" target=\"_blank\" aria-label=\"PayPal Users Warned \u2018Do Not Pay, Do Not Phone\u2019 As Attackers Strike\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/24\/paypal-users-warned-do-not-pay-do-not-phone-as-attackers-strike\/\" rel=\"nofollow noopener\">ForbesPayPal Users Warned \u2018Do Not Pay, Do Not Phone\u2019 As Attackers StrikeBy Davey Winder<\/a>Microsoft Confirms Emergency Security Update For Windows Server Users<\/p>\n<p>Less than a week after <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/21\/update-microsoft-windows-server-10-and-11-now---attacks-underway\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/21\/update-microsoft-windows-server-10-and-11-now---attacks-underway\/\" target=\"_self\" aria-label=\"CISA issued a warning\" rel=\"nofollow noopener\">CISA issued a warning<\/a> for federal agencies to update Windows Server, Windows 10 and Windows 11 due to ongoing server message block attacks, lightning has struck twice for Windows Servers users. Now CISA has confirmed that attacks are underway that exploit <a class=\"color-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-59287\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-59287\" aria-label=\"CVE-2025-59287\">CVE-2025-59287<\/a>, a critical vulnerability within the Windows Server Update Service that can enable a hacker to remotely execute malicious code over the network.<\/p>\n<p>Microsoft stated: \u201cThe WSUS Server Role is not enabled by default on Windows servers. Windows servers that do not have the WSUS server role enabled are not vulnerable to this vulnerability. If the WSUS server role is enabled, the server will become vulnerable if the fix is not installed before the WSUS server role is enabled.\u201d<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-2\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/24\/the-whatsapp-1-million-hack-mystery---what-you-need-to-know\/\" target=\"_blank\" aria-label=\"The WhatsApp $1 Million Hack Mystery \u2014 What You Need To Know\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/10\/24\/the-whatsapp-1-million-hack-mystery---what-you-need-to-know\/\" rel=\"nofollow noopener\">ForbesThe WhatsApp $1 Million Hack Mystery \u2014 What You Need To KnowBy Davey Winder<\/a><\/p>\n<p>CISA, meanwhile, has issued <a class=\"color-link\" href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/10\/24\/cisa-adds-two-known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/10\/24\/cisa-adds-two-known-exploited-vulnerabilities-catalog\" aria-label=\"a warning\">a warning<\/a> giving certain federal agencies just two weeks to ensure they do so under a binding directive. America\u2019s Security Agency <a class=\"color-link\" href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/10\/24\/microsoft-releases-out-band-security-update-mitigate-windows-server-update-service-vulnerability-cve\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/10\/24\/microsoft-releases-out-band-security-update-mitigate-windows-server-update-service-vulnerability-cve\" aria-label=\"also said\">also said<\/a> that it \u201cstrongly urges organizations to implement Microsoft\u2019s updated Windows Server Update Service Remote Code Execution Vulnerability guidance, or risk an unauthenticated actor achieving remote code execution with system privileges.\u201d<\/p>\n<p>CISA recommends the following course of action:<\/p>\n<ul>\n<li>Identify servers that are currently configured to be vulnerable to exploitation.<\/li>\n<li>Apply the out-of-band security update released on October 23, 2025, to all servers so identified.<\/li>\n<li>Reboot WSUS servers after installation to complete mitigation.<\/li>\n<\/ul>\n<p>If you cannot update right now, it is advised that the WSUS server role be disabled and that inbound traffic to ports 8530 and 8531 be blocked at the host firewall.<\/p>\n<p>Microsoft said that it\u2019s important that Windows Server admins \u201cdo not undo either of these workarounds until after you have installed the update.\u201d I know it\u2019s the weekend, but hey, you know what to do.<\/p>\n","protected":false},"excerpt":{"rendered":"Windows Server is under attack, act now. SOPA Images\/LightRocket via Getty Images Hot on the heels of a&hellip;\n","protected":false},"author":3,"featured_media":331586,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[71547,164574,164573,164575,158,67,132,68,794,164569,164570,164572,93354,164571],"class_list":{"0":"post-331585","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology","8":"tag-cisa-warning","9":"tag-critical-windows-update","10":"tag-cve-2025-59287","11":"tag-emergency-windows-update","12":"tag-technology","13":"tag-united-states","14":"tag-unitedstates","15":"tag-us","16":"tag-windows","17":"tag-windows-server","18":"tag-windows-server-update","19":"tag-windows-under-attack","20":"tag-windows-update","21":"tag-wsus"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@us\/115434970920778128","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/331585","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/comments?post=331585"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/331585\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media\/331586"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media?parent=331585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/categories?post=331585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/tags?post=331585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}