Microsoft

Microsoft

CVE-2025-53786: Critical Exchange Server Hybrid Vulnerability Guide

CVE-2025-53786 enables privilege escalation from on-premises Exchange Server to cloud environments in hybrid deployments. Organizations must apply Microsoft's April 18 Hot Fix and reset OAuth credentials immediately to prevent exploitation.

Microsoft

Critical WSUS Flaw CVE-2025-59287 Exploited in Windows Server

CVE-2025-59287 is a critical WSUS flaw in Windows Server that enables remote code execution. Exploitation is an active patch or disable WSUS immediately.

Microsoft

Record Patch Tuesday: Microsoft Fixes 175 Vulnerabilities, Critical ASP.NET Core CVE Scores 9.9

Microsoft’s October 2025 Patch Tuesday delivers a record 175 security fixes, including two actively exploited zero-days and a critical ASP.NET Core vulnerability (CVE-2025-55315) with a CVSS 9.9 rating. This update also marks the end of support for Windows 10.

Microsoft

Windows 10 Support Has Ended: What Security Teams Need to Do Now

Windows 10 reached the end of support on October 14, 2025, ending all security updates. Learn how to protect your systems and stay compliant.