October’s Patch Tuesday carries extra weight this year. Today marks the official end of support for Windows 10 and several other popular Microsoft products, including versions of Office, Exchange Server, Visual Studio, and more. After today, these products will no longer receive security and feature updates, meaning this month’s patches might be the last some of your devices ever see, so hopefully Microsoft makes them count. Let’s find out!
Severity
Total exploits patched: 173
Critical patches: 9
Important: 162
Moderate: 2
Low: 0
Vulnerability impact
Remote code execution: 32
Elevation of privilege: 80
Information disclosure: 28
Spoofing: 10
Tampering: 1
Denial of service: 11
Feature bypass: 11
Availability
Publicly disclosed: 3
Actively exploited: 3
Some highlights (or lowlights)
CVE-2025-59287: Microsoft had everyone worried last year when they announced the deprecation of WSUS, and when I say everyone, I mean three people, give or take three people. But like I said back then, nothing was going to change, and just to prove it, Microsoft is out here patching CVE-2025-59287, which is a 9.8 RCE vulnerability affecting WSUS. So all three of you still clinging on to WSUS can sleep soundly tonight knowing that WSUS will never die. Never …
CVE-2025-24990: CVE-2025-24990 is one of our actively exploited CVEs, coming in with a 7.8 CVSS score. So how bad is it? Well, Microsoft only gave it a severity of “Important,” but if you love to send faxes, then it’s time to panic because Microsoft’s official fix is to basically disable the Agere Modem driver that ships with some Windows systems. I personally think this vulnerability is fabricated by Microsoft as a way to get people to stop using fax, which I fully support.
CVE-2025-59230: And if you like your remote connections with a side of public exploitation, then you’re in luck. CVE-2025-59230 is another of today’s zero-day exploits, this one leveraging improper access control in Windows Remote Access Connection Manager to let an attacker elevate privileges locally. This CVE would probably be rated higher, but it has a local attack vector. Now that doesn’t mean someone couldn’t exploit this remotely by convincing one of our users to do something silly, like click on a malicious link or something, but our users would never do that. Right?
Wrapping up
That wraps up October’s Patch Tuesday and closes the book on an era of Microsoft software. If you’re still running Windows 10 or any of the other products hitting end of life, it’s officially time to plan your next move. Unsupported software won’t get new fixes or protections, which means the real risk starts now. Patch what you can today, upgrade where you must tomorrow, and give those legacy systems the retirement they’ve earned.