HomeMicrosoft Patch Tuesday › October 2025

Please link to this page, it changes often. Thank you! The Senserva Team.

Microsoft Patch Tuesday, October 2025

·

Microsoft's October 2025 security release, published October 14, 2025: 57 updates fixing 138 CVEs, ranked by confirmed exploitation, ransomware use, and severity. Provided by Senserva.

Still active now. 1 CVE from this release is on the Senserva hot list today (as of 2026-07-13), still ranked among the most dangerous vulnerabilities right now by confirmed exploitation, ransomware use, EPSS, and severity. See the current hot list.
57
Updates (KBs)
138
CVEs fixed
4
Actively exploited
11
Critical updates

Actively exploited CVEs (CISA KEV)

CVE-2025-59287Windows Server Update Service (WSUS) Remote Code Execution VulnerabilityCVSS 9.8Exploited Hot now
CVE-2025-24990Windows Agere Modem Driver Elevation of Privilege VulnerabilityCVSS 7.8Exploited
CVE-2025-59230Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityCVSS 7.8Exploited
CVE-2025-47827MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11CVSS 4.6Exploited

Other high-risk CVEs (CVSS 8.8+)

CVE-2025-55315ASP.NET Security Feature Bypass VulnerabilityCVSS 9.9
CVE-2025-59295Windows URL Parsing Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-58718Remote Desktop Client Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-54106Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-54110Windows Kernel Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-54918Windows NTLM Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-54113Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-55234Windows SMB Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-21293Active Directory Domain Services Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-59228Microsoft SharePoint Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-59237Microsoft SharePoint Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-59249Microsoft Exchange Server Elevation of Privilege VulnerabilityCVSS 8.8

Products fixed this month

Windows Server 2019 (16)Windows Server 2022 (16).NET 8.0 installed on Linux (15).NET 9.0 installed on Linux (15).NET 8.0 installed on Mac OS (13)Microsoft SharePoint Enterprise Server 2016 (10)Microsoft SharePoint Server 2019 (10)Windows Server 2019 (Server Core installation) (9)Windows 11 Version 25H2 for x64-based Systems (7)Windows 10 Version 1809 for x64-based Systems (7)
Take this release to your AI

Composed from the October 2025 release data above. Copy it into Claude, ChatGPT, or Copilot. Free, no sign-in.

Reference: Microsoft CVE and vulnerability management, ranked by real-world risk, and the Microsoft patching guide.
Data notice: this page is provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative Microsoft advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.