The flaw, tracked as CVE-2025-59287, allows remote code execution in WSUS environments, posing significant risks to enterprise update infrastructures. Microsoft confirmed the issue on October 24, 2025, emphasizing that it affects only devices running the latest server edition.
The problematic update was initially pushed to all Windows Server 2025 machines, bypassing enrollment status for Microsoft’s innovative Hotpatch feature.
Hotpatching enables seamless security updates without reboots, a key selling point for reducing downtime in virtualized setups. However, a small number of Hotpatch-enrolled devices, primarily physical servers and virtual machines (VMs), received the update before Microsoft halted distribution.
Now, the patch is restricted to non-Hotpatch systems, leaving enrolled users to navigate workarounds amid ongoing threats.
This glitch highlights the complexities of rolling out zero-downtime updates in hybrid cloud environments, where WSUS serves as a central hub for patch management.
Security experts warn that delaying fixes for CVE-2025-59287 could expose networks to exploitation, especially in sectors such as finance and healthcare that rely on uninterrupted server operations. Microsoft’s rapid response underscores the challenges of balancing speed and stability in patch cycles.
For the limited devices that installed the faulty update, Microsoft advises patience. These machines are temporarily sidelined from the Hotpatch track, meaning they won’t receive November or December hotpatches.
Instead, they’ll pull standard monthly security updates requiring restarts, ensuring compliance but increasing operational friction. Come January 2026, a planned baseline update (KB5066835) will realign them, with Hotpatch resuming in February 2026. Administrators should monitor update histories via Windows Update logs to confirm status.
Devices that downloaded but haven’t installed the update can avoid disruption by navigating to Settings > Windows Update, pausing updates, then unpausing and rescanning. This triggers the corrected version, preserving Hotpatch eligibility.
Hotpatch-enrolled systems untouched by the initial rollout will receive the WSUS fix through a layered approach. Starting October 24, 2025, they’ll get the security update KB5070893 on top of the October baseline (KB5066835).
This combo delivers CVE-2025-59287 mitigation without derailing the Hotpatch schedule users stay on track for November and December releases. Notably, only WSUS-enabled machines face a post-install restart, minimizing broader impact.
Microsoft urges immediate action and provides detailed guidance on its support site. As enterprises grapple with this, it serves as a reminder of the trade-offs in adopting rebootless patching amid evolving threats.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Microsoft Patch for WSUS Vulnerability has Broken Hotpatching on Windows Server 2025 appeared first on Cyber Security News.
The HTC U24 Pro may not be gold, but its design is otherwise awfully similar…
The US Cybersecurity and Infrastructure Security Agency (CISA), which is part of the Department of…
On Thursday morning, I attended a Q&A panel with four top Samsung smartphone executives. Until…
The Scream franchise has been ramping up production over the last few years. Scream 5…
Amazon recently discounted the 2025 27" Samsung G5 OLED to $349.99, making it the lowest…
Between PlayStation's big PS Direct sale and Woot's new "Video Games For All!" sale, this…
This website uses cookies.