美国网络安全与基础设施安全局（CISA）向全球组织发出警告，微软Windows Server Update Services（WSUS）中存在一个正被积极利用的关键远程代码执行（RCE）漏洞。

An out-of-band (OOB) security update that patches an actively exploited Windows Server Update Service (WSUS) vulnerability ...

Microsoft has issued an emergency Windows server security patch to fix a critical severity flaw apparently abused in the wild. As part of its most recent Patch Tuesday cumulative update (October 14, ...

Security researchers are warning that cyber threat actors are abusing a critical vulnerability in Microsoft Windows Server Update Service. The vulnerability, tracked as CVE-2025-59287, involves ...

该漏洞利用了 GetCookie 端点中的遗留序列化机制，其中加密的 AuthorizationCookie 对象使用 AES-128-CBC 解密，并通过 BinaryFormatter 反序列化，无需类型验证，从而为整个系统接管打开了大门。

Microsoft halts KB5070881 after reports it broke Hotpatch on Windows Server 2025 while patching an actively exploited WSUS ...

The Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its ...

The Cybersecurity and Infrastructure Security Agency issued updated guidance on a critical vulnerability in Windows Server ...

Windows Server 2025 is currently vulnerable to a Remote Code Execution exploit and a patch for the issue doesn't seem to be ...

Tracked as CVE-2025-33073, the vulnerability affects the Windows Server Message Block client, a core component used for file ...

Thieves broke in through a second-floor window, but the museum has had other problems with unsecured Windows too, according ...

“Microsoft says those on Windows 10 will see ‘Your version of Windows has reached the end of support,’ even when their PC is ...