Microsoft has recently taken action regarding its out-of-band (OOB) update, KB5070881, aimed at mitigating a critical vulnerability in Windows Server Update Services (WSUS) identified as CVE-2025-59287. Unfortunately, this update has inadvertently disrupted Hotpatching capabilities on certain Windows Server 2025 systems, causing significant issues for IT administrators.
The company acknowledged in its documentation that a “very limited number” of Hotpatch-enrolled machines had their enrollment disabled after applying the patch. This was due to the update being initially rolled out to all Windows Server 2025 systems, irrespective of their Hotpatch status, which resulted in some machines losing their eligibility for future Hotpatch updates. The current state only allows Hotpatch updates for machines not enrolled in this system.
To mitigate the impact, Microsoft provided a workaround for affected machines. Those that have installed the update will temporarily be excluded from the Hotpatch program and will instead receive standard monthly security updates, which will necessitate system restarts. These machines are expected to re-enter the Hotpatch program after applying the baseline planned for January 2026. For those who downloaded but did not install the update, Microsoft recommends pausing and resuming Windows Update to ensure the correct updates are received.
In addition, Hotpatch-enrolled systems that have not applied this problematic update will be offered a separate security update, KB5070893, which will allow them to continue receiving Hotpatch updates without interruption.
The situation was further complicated by reports from security researchers and the Netherlands National Cyber Security Centre indicating that the vulnerabilities within WSUS were being actively exploited. Data suggests that over 2,600 WSUS servers remain exposed to potential threats, emphasizing the urgency for quick and effective remediation.
For further technical details, users can refer to the official Microsoft support resources for KB5070881 and KB5070893.
Hudson Valley Host is premier provider of cutting-edge hosting solutions, specializing in delivering a seamless online experience for businesses and individuals. We offer a comprehensive range of hosting services, including Shared Hosting, VPS, Dedicated Servers, and Colocation. With 24/7 technical support, robust security measures, and user-friendly control panels, we empower clients in managing their online presence effortlessly. Hudson Valley Host is your trusted partner in achieving online success.
For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@hudsonvalleyhost.com.
