Urgent WSUS Vulnerability: Patch Windows Server Now

A critical security flaw has been identified within Microsoft’s Windows Server Update Service (WSUS), prompting an urgent advisory from the Australian Cyber Security Centre. This vulnerability, designated CVE-2025-59287, poses a severe threat by potentially allowing unauthorized remote code execution with the highest system-level privileges. The warning specifically applies to Windows Server versions 2012, 2016, 2019, 2022, and the forthcoming 2025 release, making it a pressing concern for system administrators and IT professionals across business and government sectors.

The core of the problem lies in the service’s handling of data. The flaw enables the deserialization of untrusted information, creating a pathway for an unauthenticated attacker to remotely run malicious code. Because this code executes with system privileges, a successful exploit could lead to a complete compromise of the server. The ACSC has stressed that organizations must take immediate action to protect their infrastructure from this significant risk.

For mitigation, the primary step is to conduct a thorough review of your network to locate all instances of WSUS. System administrators are urged to consult the official Microsoft Security Update Guide for the latest patches and specific remediation steps. Applying the relevant security updates provided by Microsoft is the most effective way to close this security gap and protect your systems from potential attacks.

Organizations that believe they may have been impacted by this vulnerability, or those that need further technical support, can reach out for assistance. The ACSC can be contacted directly via their hotline at 1300 CYBER1, which is 1300 292 371. The full public alert, containing all technical details and recommendations, is available for review on the Australian Cyber Security Centre’s official website.

(Source: ITWire Australia)