← Back
Take Action: Out-of-band update to address a vulnerability in Windows Server Update Services (WSUS)
MC1178653 · build prod-20251231-200323
Category
preventOrFixIssue
Severity
normal
Major change
False
Last modified
2025-10-24 02:26:26
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
Action by (AI)
Services
Windows
Tags
Admin impact
Master tags
Security
Roadmap IDs

One-line summary

A critical RCE vulnerability in WSUS reporting web service is fixed by an out-of-band Windows Server update released on 2025-10-23; immediate installation is recommended.

Similar updates

More like this
MC1179337 An updated version of the October 2025 Scan Cab is available
...dows Server 2022 ( KB5070884 )  Azure Automanage for Windows Server 2022 with Hotpatch ( KB5070892)   Windows Server 2019 ( KB5070883 ) Windows Server 2016 ( KB5070882 ) Windows Server 2012 R2 ( KB5070886 ) Windows Server 2012 ( KB5070887 )   The new Microsoft updates include an out-of-band update, released October 20, 2025, to fix an issue.
MC1180840 An updated version of the October 2025 Scan Cab is available
An updated version of the October 2025 Scan Cab is available Admins using WSUS and Scan Cab for Windows Server updates must re-acquire and re-deploy the October 2025 Scan Cab if downloaded before 8:54 PM PT on October 24, 2025, to address CVE-2025-59287. Additional information: Updated Scan Cab: Download the new Scan Cab here Take Action:.
MC1172445 The October 2025 Windows security update is now available
The October 2025 Windows security update is now available The October 2025 security update for Windows 10, 11, and supported Windows Server versions is now available, addressing security and reliability issues; prompt installation is recommended. The October 2025 security update is now available for all supported versions of Windows. We recommend.
MC1150625 Hardening changes for Windows Server Update Services in Windows Server 2025
Hardening changes for Windows Server Update Services in Windows Server 2025 Starting September 9, 2025, WSUS on Windows Server 2025 removes old code, affecting ESU updates for unsupported Windows OS; admins must take action to continue ESU servicing. Important hardening changes are here. Starting with the September 2025 security update, WSUS.
MC1073134 Out-of-band updates released for Windows Server 2008 and Windows Server 2008 R2
Out-of-band updates released for Windows Server 2008 and Windows Server 2008 R2 Out-of-band security updates for Windows Server 2008/R2 addressing CVE-2025-32709 are available for Premium Assurance customers as of May 13, 2025. Out-of-band (OOB) updates have been released today, May 13, 2025, for Windows Server 2008 and Windows Server 2008 R2..
MC1081492 (Updated) Take Action: Out-of-band update to address issue on devices running Hyper-V on some versions of Windows
(Updated) Take Action: Out-of-band update to address issue on devices running Hyper-V on some versions of Windows OOB updates released to fix confidential Hyper-V VM issues causing unexpected restarts; affected admins should apply the update from the Microsoft Update Catalog. To address this issue, out-of-band (OOB) updates have been.

Details

Body (from Message Center)

Microsoft has identified a remote code execution (RCE) vulnerability in the Windows Server Update Services (WSUS) reporting web service. Windows servers that do not have the WSUS server role enabled are not vulnerable to this vulnerability. For more information about the security fix, see CVE-2025-59287.

An out-of-band (OOB) update was released today, October 23, 2025, to address this issue. This is a cumulative update, so you do not need to apply any previous updates before installing this update, as it supersedes all previous updates for affected versions. If you haven’t installed the October 2025 Windows security update yet, we recommend you apply this OOB update instead. After you install the update you will need to reboot your system.
 
If you have not yet deployed the October 2025 Windows security update and your IT environment includes devices running on the versions of Windows listed below, we recommend you apply this OOB update instead:

Raw JSON (for debugging)

Expand/collapse the full payload below.
Show/hide raw 
{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": null,
    "ai_actions": [
      "Install the October 23, 2025 out-of-band update",
      "Reboot affected Windows Server systems"
    ],
    "ai_master_tags": [
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "A critical RCE vulnerability in WSUS reporting web service is fixed by an out-of-band Windows Server update released on 2025-10-23; immediate installation is recommended.",
    "ai_topics": [
      "Windows",
      "Windows Server"
    ],
    "category": "preventOrFixIssue",
    "details_map": {},
    "id": "MC1178653",
    "importance": 5,
    "is_major_change": false,
    "last_modified": "2025-10-24T02:26:26Z",
    "ms_products": [
      "Windows"
    ],
    "platforms": null,
    "roadmap_ids": [],
    "services": [
      "Windows"
    ],
    "severity": "normal",
    "tags": [
      "Admin impact"
    ],
    "title": "Take Action: Out-of-band update to address a vulnerability in Windows Server Update Services (WSUS)"
  }
}