The security flaw tracked under ID CVE-2025-59287 is affecting the Windows Server Update Services (WSUS) though Microsoft does not that servers that do not have the WSUS server role enabled are not vulnerable to this exploit. The emergency out-of-band (OOB) update, the second this month, is now out and the company notes that this is cumulative in nature too just like other Windows updates, which means admins and users will not need to install any other previous update before installing this OOB update.
Microsoft writes: "An out-of-band (OOB) update was released today, October 23, 2025, to address this issue. This is a cumulative update, so you do not need to apply any previous updates before installing this update, as it supersedes all previous updates for affected versions. If you haven’t installed the October 2025 Windows security update yet, we recommend you apply this OOB update instead."
-
Windows Server 2025 (KB5070881)
-
Windows Server, version 23H2 (KB5070879)
-
Windows Server 2022 (KB5070884)
-
Windows Server 2019 (KB5070883)
-
Windows Server 2016 (KB5070882)
-
Windows Server 2012 R2 (KB5070886)
-
Windows Server 2012 (KB5070887)
Micosoft notes that these updates are downloaded and installed automatically.