CRITICAL Security Vulnerability in Microsoft WSUS CVE-2025-59287 (score of 9.8/10)

A security vulnerability with a severity rating of CRITICAL (CVE-2025-59287, score of 9.8/10) has been discovered in Microsoft WSUS.

This flaw, classified as RCE (Remote Code Execution), means that a malicious individual could remotely execute arbitrary code on the machine without any authentication. In other words, the attack can succeed even if access to the vulnerable server is protected by a very complex password and MFA.


Vulnerable versions

The following Windows Server versions are affected (the flaw is in the WSUS server role, so only servers with that role installed are exposed):

  • Windows Server 2012 / 2012 R2

  • Windows Server 2016

  • Windows Server 2019

  • Windows Server 2022

  • Windows Server 2025


Considerations for vulnerabilities with a score of 9.8

The vulnerability score is very high (9.8 on a scale of 10), which means that:

  • The vulnerability can be easily exploited remotely.

  • No authentication is required to exploit the vulnerability.

  • The attacker does not need to know the password of the attacked server.

  • The vulnerability can be easily exploited.

  • The impact on the attacked target can be significant.


Proofs of concept (POCs) are currently available

  • Proofs of concept/POCs (computer programs showing how the vulnerability can be exploited) are currently available and accessible on the Internet. Anyone can download them.

  • The existence of POCs greatly increases the risk of a vulnerability being exploited.


Recommended measures

Microsoft has created a patch for this vulnerability. You can download it here:

  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287

Additional recommendation

  • Block incoming connections to your WSUS server on TCP ports 8530 (HTTP) and 8531 (HTTPS). The block must be applied both on the main network firewall and on the local firewall of the WSUS server itself.
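As an added example (not part of the original advisory and not Streamscan's own tooling), the following PowerShell, run in an elevated session on the WSUS server, checks that the WSUS role is present, shows what is listening on 8530/8531, creates the local block rule described above and verifies it. The firewall rule name and the KB number are assumptions: the advisory gives no KB, so a placeholder is used.

```powershell
# Added example, not part of the original advisory: detect an exposed WSUS
# endpoint and apply the local-firewall mitigation described above.
# Assumptions: run in an elevated PowerShell on the WSUS server itself,
# Windows Server 2012 R2 or later (ServerManager and NetSecurity modules present).
$WsusPorts = 8530, 8531

# 1. Is the WSUS role installed on this host? If not, the flaw does not apply here.
$role = Get-WindowsFeature -Name UpdateServices -ErrorAction SilentlyContinue
if (-not $role -or -not $role.Installed) {
    Write-Host "WSUS role is not installed on $env:COMPUTERNAME; nothing to block."
    return
}

# 2. Show what is currently listening on the WSUS ports (address and owning process).
Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -in $WsusPorts } |
    ForEach-Object {
        Write-Host ("Listening: {0}:{1} (PID {2})" -f $_.LocalAddress, $_.LocalPort, $_.OwningProcess)
    }

# 3. Block inbound TCP 8530/8531 on every firewall profile. The rule name is a
#    constructed value; adapt it to your own naming scheme.
$RuleName = 'Block WSUS inbound (CVE-2025-59287 mitigation)'
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Protocol TCP `
        -LocalPort $WsusPorts -Action Block -Profile Any -Enabled True | Out-Null
    Write-Host "Created firewall rule '$RuleName'."
} else {
    Write-Host "Firewall rule '$RuleName' already exists; leaving it unchanged."
}

# 4. Verify the rule is enabled, blocks, and is bound to the expected ports.
$Rule  = Get-NetFirewallRule -DisplayName $RuleName
$Ports = ($Rule | Get-NetFirewallPortFilter).LocalPort
Write-Host ("Rule enabled: {0}; action: {1}; ports: {2}" -f $Rule.Enabled, $Rule.Action, ($Ports -join ','))

# 5. Check whether the Microsoft fix is installed. The advisory above gives no KB
#    number, so this is a PLACEHOLDER: take the KB for your OS from the MSRC page.
$KbId = 'KB0000000'
if (Get-HotFix -Id $KbId -ErrorAction SilentlyContinue) {
    Write-Host "$KbId is installed; review whether the block rule is still needed."
} else {
    Write-Host "$KbId not found; keep the block rule in place until the patch is applied."
}
```

Blocking these ports also stops WSUS clients from reaching the server for updates, so remove the rule once the patch has been applied and verified. The network-firewall half of the recommendation still has to be configured on that device.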


What Streamscan is doing to protect you

If you are a Streamscan partner:

  • We have set up a crisis unit to monitor developments related to this critical vulnerability. We will implement the appropriate response measures.

  • Our DRG/MDR security monitoring team remains vigilant in monitoring your network.

  • Need help? Talk to one of our experts or call us at +1 877 208-9040.


Need expert advice for your situation?

Our specialists are here to help.

Take advantage of a free, no-commitment consultation to discuss your challenges, priorities, and find solutions tailored for your company.

Contact an expert now