A critical Windows vulnerability has been exploited in the wild

Microsoft disclosed a critical remote code execution vulnerability in Windows Server’s WSUS component, affecting multiple versions from 2012 to 2025. The flaw allows unauthenticated attackers to exploit unsafe object deserialization, potentially executing arbitrary code with System privileges. A proof-of-concept exploit was published by HawkTrace, and active exploitation has been confirmed by Eye Security and the Dutch National Cyber Security Centre. Microsoft has released an additional patch and advises disabling the WSUS Server Role as a temporary mitigation until updates are applied.

Read more:

https://www.securityweek.com/critical-windows-server-wsus-vulnerability-exploited-in-the-wild/