Technology and Science

Microsoft Patchday: Urgent Security Updates Released

by Archynetys Technology & Science Desk

close notice

This article is also available in
English.

It was translated with technical assistance and editorially reviewed before publication.

.

With more than 170 security vulnerabilities closed, Microsoft’s Patch Tuesday was above average this month. 17 fixes for critical gaps are available for Azure, Copilot, Office and the Windows Server Update Service (WSUS), among others. In addition, three actively attacked vulnerabilities with an “Important” rating make it particularly urgent to install the available updates (at best automatically).

Read more after the ad

Aktive Exploits…

According to Microsoft’s associated advisories, active exploits target the Windows Remote Access Connection Manager (CVE-2025-59230, CVSS score 7.8), an old Agere modem driver (CVE-2025-24990, 7.8) and the Linux-based IGEL OS that can be used on Windows systems (CVE-2025-47827, 4.6).

A patch will in future protect the Remote Access Connection Manager against local attackers who could have expanded their access rights using the gap. The Agere Driver (ltmdm64.sys) has been completely removed according to the security notice – and with it another opportunity for locally accessing bad guys to gain admin rights in the worst case.

The attack route via IGEL OS, which requires physical access and is therefore only rated “Medium”, was blocked by an update to the Linux operating system that was included with Patch Tuesday. However, the exploit possibility is likely to have affected only a few, specially configured systems in advance.

… and critical gaps

Microsoft classifies the following freshly patched vulnerabilities as critical:

Read more after the ad

In this context, the highest CVSS scores were assigned to the vulnerabilities CVE-2025-59246 in Azure Entra ID, CVE-2025-59287 in the WSUS (9.8 out of 10 each) and CVE-2025-49708 in a Windows graphics component (9.9).

Under certain conditions, numerous security gaps could be misused as a gateway to executing malicious program code remotely (remote code execution) – and thus, for example, to inject malicious code such as ransomware or to remotely control vulnerable systems.

More patches & information

Microsoft has marked many of the other available updates as “Important” or given a “High” rating. Among other things, they target the .NET framework, various Office components, PowerShell and the operating system kernel.

Microsoft provides detailed information about all security vulnerabilities and patches in the Security Update Guide.


(ovw)

The Archynetys Technology & Science Desk covers AI, consumer technology, internet culture, startups, cybersecurity, space, and scientific discovery. Coverage focuses on explaining why developments matter, who they affect, and what the next-order implications are for readers and industry.

Related Posts

Xbox Store Insider Update: New Look & Changes

AI Website Redesign: $250K Saved in 14 Days

Samsung Foldables: OLED Screen Concerns Emerge

Kang Dong-yoon: Aumobio Korea’s Software Mobility Vision

Samsung S26 Ultra: Vacation Camera Concerns?

Galaxy S26 Ultra Alternative: Cheaper Phone Options

Tungsten Coatings for Fusion Power | Electrochemical Deposition

NASA Monitors Sun for Artemis Moon Mission |...

Hidden Open Source: Code You Use Daily

Diamond Jubilee Torches Raise £15k for Charity |...

Leave a Comment