Service Notices
Microsoft Releases October 2025 Security Updates
Oct 17, 2025 GMT+08:00
I. Overview
Huawei Cloud noticed that Microsoft has released its October 2025 Security Updates. A total of 167 security vulnerabilities have been disclosed, among which 7 are marked as important vulnerabilities. Attackers can leverage these vulnerabilities to execute remote code, escalate privileges, and breach information. The affected applications include Microsoft Windows, Microsoft Office, Azure and .NET.
For details, visit the Microsoft official website:
https://msrc.microsoft.com/update-guide/releaseNote/2025-Oct
The following vulnerabilities require close attention as their details have been disclosed or they have already been exploited by attackers:
Windows Remote Access Connection Manager Privilege Escalation Vulnerability (CVE-2025-59230): Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. This vulnerability has been exploited in the wild, and the risk is high.
Privilege escalation vulnerability in the Windows Agere modem driver (CVE-2025-24990): A vulnerability exists in the third party Agere Modem driver that ships natively with supported Windows OSs. Attackers who successfully exploit this vulnerability may obtain administrator permissions. This vulnerability has been exploited in the wild, and the risk is high.
Windows Agere Modem Driver Elevation of Privilege Vulnerability (CVE-2025-24052): An attacker who successfully exploited this vulnerability could gain administrator privileges on the affected system. The vulnerability has been disclosed, and the risk is high.
13 vulnerabilities (CVE-2025-59287, CVE-2025-24052, and CVE-2025-55680) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Azure, .NET, and other products.
IV. Vulnerability Details
|
CVE ID |
Vulnerability Name |
Severity |
Vulnerability Description |
|
CVE-2025-59287 |
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability |
Major |
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. |
|
CVE-2025-59227 |
Microsoft Office Remote Code Execution Vulnerability |
Major |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
|
CVE-2025-59292 |
Azure Compute Gallery Elevation of Privilege Vulnerability |
Major |
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. |
|
CVE-2025-59291 |
Confidential Azure Container Instances Elevation of Privilege Vulnerability |
Major |
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. |
|
CVE-2025-49708 |
Microsoft Graphics Component Elevation of Privilege Vulnerability |
Major |
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network. |
|
CVE-2025-59236 |
Microsoft Excel Remote Code Execution Vulnerability |
Major |
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
|
CVE-2025-59234 |
Microsoft Office Remote Code Execution Vulnerability |
Major |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.