Microsoft released patches for 175 vulnerabilities during October 2025, including three zero-day exploits actively under attack. Notable issues involve privilege escalation in Windows components and Secure Boot bypasses, with some updates marking the final support for Windows 10. #CVE2025-59230 #CVE2025-24990 #CVE2025-47827
Keypoints
- October 2025 Patch Tuesday addressed 175 vulnerabilities across multiple vendors.
- Three zero-day vulnerabilities actively exploited, added to CISAβs KEV database.
- Vulnerabilities include privilege escalation in Windows Remote Access Connection Manager and Agere Modem Driver.
- Microsoft announced the end of support for Windows 10 with this update.
- Two critical vulnerabilities in Microsoft products scored 9.8 in severity, enabling remote code execution and elevation of privileges.
Read More: https://thecyberexpress.com/patch-tuesday-october-2025-zero-days/