The National Computer Emergency Response Team (National CERT) has raised an alarm regarding a significant security vulnerability found in Microsoft Windows Server Update Services (WSUS), which is being actively exploited by hackers. This flaw, identified as CVE-2025-59287, is a remote code execution (RCE) vulnerability that enables attackers to gain full control of affected servers. With this access, they can execute arbitrary commands, steal sensitive data, or deploy malicious software. Microsoft has released a dedicated security patch to resolve the issue.
The vulnerability has a severity rating of 9.8 out of 10 and stems from improper handling of WSUS authorization cookies. Any Windows Server system that has not been updated and exposes WSUS web connections on ports 8530 (HTTP) or 8531 (HTTPS) is notably vulnerable. Reports indicate that attackers are leveraging this weakness to distribute malware, extract login credentials, and traverse connected networks.
The advisory details that this type of attack can be executed easily and does not require user interaction or administrative privileges. Hackers only need network access to the WSUS service to issue harmful web requests and activate the exploit. System administrators are urged to review their server and IIS logs for any suspicious activities or odd web traffic targeting WSUS.
To mitigate the risks, National CERT suggests promptly installing Microsoft’s security patch from October 2025, restricting access to WSUS ports from untrusted networks, and ensuring WSUS is accessible solely to trusted internal users. If immediate patching is not feasible, organizations are advised to temporarily disable or isolate vulnerable WSUS servers and keep a close watch on their systems.
The advisory insists that, given the active exploitation of this vulnerability, IT departments in both governmental and private sectors should prioritize addressing this issue.
For related information, read about the critical security flaws in internet routers.
Hudson Valley Host is premier provider of cutting-edge hosting solutions, specializing in delivering a seamless online experience for businesses and individuals. We offer a comprehensive range of hosting services, including Shared Hosting, VPS, Dedicated Servers, and Colocation. With 24/7 technical support, robust security measures, and user-friendly control panels, we empower clients in managing their online presence effortlessly. Hudson Valley Host is your trusted partner in achieving online success.
For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@hudsonvalleyhost.com.
