Microsoft Patch Tuesday Oct 2025 Fixs 175 Vulnerabilities including 3 Zero-Days
hackread.comOctober’s Microsoft Patch Tuesday fixes 170+ flaws, including 3 actively exploited zero-days and critical WSUS RCE (CVSS 9.8). Immediate patching is mandatory. Final free updates for Windows 10.
Microsoft Patch Tuesday for October 2025 was massive, delivering over 170 security fixes, making immediate patching mandatory due to the volume and critical nature of the vulnerabilities across Windows, Office, and Azure cloud services.
Critical Zero-Day Exploits: Active Attacks Fixed
Three zero-day flaws confirmed to be under active attack were patched. These included two critical Elevation of Privilege (EoP) bugs in Windows and a Secure Boot bypass:
CVE-2025-24990 (Windows Agere Modem Driver EoP – CVSS 7.8, High): This actively exploited flaw was fixed by permanently removing the obsolete driver (ltmdm64.sys) from Windows. Fax modem hardware relying on this driver will cease to function on updated systems.
CVE-2025-59230 (Windows Remote Access Connection Manager EoP – CVSS 7.8, High): An improper ...
Copyright of this story solely belongs to hackread.com . To see the full text click HERE