25 matches found
CVE-2026-32224
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
CVE-2026-32224
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
Metasploit Wrap-Up 11/14/2025
It has “SUS” in the name, what did you expect? This week’s release features the much-hyped CVE-2025-59287, a Critical-Severity Windows Server Update Service WSUS vulnerability that allows for SYSTEM level remote code execution. Documented among the multiple recent zero-days in Windows, the...
Exploit for Deserialization of Untrusted Data in Microsoft
cve-2025-59287-exploit-poc CVE-2025-59287 is a critica...
The Bug Report - October 2025 Edition
The Bug Report – October 2025 Edition By Jonathan Omakun · October 31, 2025 Why am I here? Welcome to October's cybersecurity horror show, where the tricks are malicious and the treats are... Well, there aren't any treats. Just vulnerabilities that would make even the most seasoned security...
Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287
Updated October 29, 2025 : CISA has updated this Alert to include revised information on vulnerable product identification, potential threat activity detections, and additional resources. Microsoft released an update to address a critical remote code execution vulnerability impacting Windows Serv...
Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation
Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Services WSUS vulnerability with a proof-of-concept Poc exploit publicly available and has come under active exploitation in the wild. The vulnerability in question is CVE-2025-59287 CVS...
EUVD-2025-20603
Malicious code in bioql PyPI...
About Elevation of Privilege – Windows Update Service (CVE-2025-48799) vulnerability
About Elevation of Privilege - Windows Update Service CVE-2025-48799 vulnerability. This vulnerability is from the July Microsoft Patch Tuesday. Improper link resolution before file access 'link following' in the Windows Update Service allows an authorized attacker to elevate privileges to "NT...
July Microsoft Patch Tuesday
July Microsoft Patch Tuesday. A total of 152 vulnerabilities - twice as many as in June. Of these, 15 vulnerabilities were added between the June and July MSPT. One vulnerability is exploited in the wild: Memory Corruption - Chromium CVE-2025-6554 One vulnerability has an exploit available on...
CVE-2025-48799
Improper link resolution before file access 'link following' in Windows Update Service allows an authorized attacker to elevate privileges locally...
CVE-2025-48799
Improper link resolution before file access 'link following' in Windows Update Service allows an authorized attacker to elevate privileges locally...
CVE-2025-48799
Improper link resolution before file access 'link following' in Windows Update Service allows an authorized attacker to elevate privileges locally...
CVE-2025-48799
CVE-2025-48799 is an Elevation of Privilege flaw in Windows Update Service (wuauserv) described as: improper link resolution before file access ('link following') can allow an authorized local attacker to elevate to NT AUTHORITY\SYSTEM when Windows 10/11 systems have at least two drives and Stora...
PT-2025-28533
Name of the Vulnerable Software and Affected Versions Windows versions prior to July 8, 2025 Description An improper link resolution vulnerability exists in the Windows Update Service before file access. This allows an authorized attacker to elevate privileges locally. The vulnerability affects...
Exploit for CVE-2024-31771
CVE-2024-31771 TotalAV Arbitrary File Write TotalAV version...
Windows Server 2012 SrClient DLL Hijacking Exploit
All editions of Windows Server 2012 but not 2012 R2 are vulnerable to DLL hijacking due to the way TiWorker.exe will try to call the non-existent SrClient.dll file when Windows Update checks for updates. This issue can be leveraged for privilege escalation if %PATH% includes directories that are...
CVE-2021-26866
Windows Update Service Elevation of Privilege Vulnerability...