Microsoft Releases KB5070881, KB5070879, KB5070884 for Critical Windows Server Vulnerability

The vulnerability is tracked as CVE-2025-59287

News
Rishaj Upadhyay
Rishaj Upadhyay Shield
News Editor
News
Reading time icon 1 min. read
Calendar icon EEST
Windows 11 25H2 update feature banner

Earlier this week, Microsoft rolled out an emergency update for Windows 11 (KB5070773) to fix a USB input bug in Windows Recovery. Now, the company is back with another emergency OOB update, which fixes a severe remote code execution (RCE) vulnerability across all supported versions of Windows Server.

The vulnerability, tracked as CVE-2025-59287, affects the Windows Server Update Services (WSUS) component. Microsoft explains that servers without the WSUS server role enabled are not exposed to this exploit.

RCE vulnerabilities are among the most serious because attackers can execute malicious code remotely without needing physical access to a device. To mitigate the issue, Microsoft has issued an out-of-band (OOB) cumulative update, its third emergency patch this month.

The company further noted that administrators do not need to install any prior updates before installing this one.

Affected Versions and Patch Details

More about the topics: windows server

Rishaj Upadhyay

Rishaj Upadhyay Shield

News Editor

Rishaj is a tech writer who has been writing professionally for over four years, with a passion for Android, Windows, and all things tech. He initially joined Windows Report as a tech journalist and is now taking over as a news editor. When he's not breaking the keyboard, you can find him cooking, or listening to music/podcasts.

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

User forum

0 messages