25 matches found
CVE-2026-32224
The CVE-2026-32224 entry concerns Windows Server Update Services (WSUS) with an Elevation of Privilege vulnerability. The CVSS metrics indicate a LOCAL attack vector, requiring LOW privileges and HIGH impact on confidentiality, integrity, and availability, with a HIGH attack complexity and no use...
CVE-2026-26174 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
...
January 17, 2026—KB5077800 (OS Build 20348.4650) Out-of-band
None None...
CVE-2026-20856 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
...
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
A recently patched security flaw in Microsoft Windows Server Update Services WSUS has been exploited by threat actors to distribute a malware known as ShadowPad. "The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access," AhnLab Security Intelligence...
📄 Windows Server Update Service Deserialization Remote Code Execution
This Metasploit module exploits a deserialization vulnerability in the legacy serialization mechanism in Windows Server Update Services WSUS. The vulnerability allows an unauthenticated attacker to create a specially crafted event, which triggers an unsafe deserialization upon server...
Exploit for Deserialization of Untrusted Data in Microsoft
CVE-2025-59287 WSUS RCE Exploit - README Summary This rep...
Exploit for Deserialization of Untrusted Data in Microsoft
CVE-2025-59287 ⚠ This tool is created solely for educatio...
Hackers Exploit WSUS Flaw to Spread Skuld Stealer Despite Microsoft Patch
Cybercriminals exploit a WSUS vulnerability to deploy Skuld Stealer malware, even after Microsoft released an urgent security patch...
Exploit for CVE-2025-59287
wsus-decoy Defensive proof of concept decoy for CVE-2025-5928...
Microsoft Patch Tuesday Oct 2025 Fixs 175 Vulnerabilities including 3 Zero-Days
October's Microsoft Patch Tuesday fixes 170+ flaws, including 3 actively exploited zero-days and critical WSUS RCE CVSS 9.8. Immediate patching is mandatory. Final free updates for Windows 10...
October 23, 2025—KB5070883 (OS Build 17763.7922) Out-of-band
None None...
October 23, 2025—KB5070881 (OS Build 26100.6905) Out-of-band
None None...
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network...
Microsoft Windows Server 代码问题漏洞
Microsoft Windows Server is a set of server operating systems from the American company Microsoft Microsoft. A remote code execution vulnerability exists in Microsoft Windows Server, which can be exploited by an attacker to execute arbitrary code on a target system by sending a specially crafted...
October 8, 2024—KB5044356 (Monthly Rollup)
None None...
CVE-2023-35317
Windows Server Update Service WSUS Elevation of Privilege Vulnerability...
.NET 6.0 Update - Mar 14, 2023 (KB5024670)
None None...
August 10, 2021 Servicing Stack Update (KB5005410)
None None...
Update for SIP to enable WinVerifyTrust function in Windows Server 2008 R2 SP1 to work with a later version of Windows
Update for SIP to enable WinVerifyTrust function in Windows Server 2008 R2 SP1 to work with a later version of Windows About this update Subject Interface Packages SIPs are required in order to read the digital signatures on specific file types. After you install this update, SIPs enable the...