Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam
First published: 25 Oct 2025
Last updated: 25 Oct 2025

Content written for

Small & medium business
Large organisations & infrastructure
Government

This alert has been written primarily for, but is not limited to, business and government.

This alert is intended for a technical audience.

Background

Microsoft has identified the following vulnerability in the Microsoft Windows Server Update Service:

  • CVE-2025-59287: This vulnerability involves deserialisation of untrusted data in WSUS, which could enable an unauthenticated actor to achieve remote code execution with system privileges. The ASD’s ACSC recommends that organisations take immediate action to address affected products.
  • The vulnerability impacts Microsoft Windows Server Update Service in Windows Server (2012, 2016, 2019, 2022 and 2025).

Mitigation advice

Australian organisations should review their networks for use of vulnerable instances of the Windows Server Update Service (WSUS), and consult the Microsoft Security Update guide for mitigation advice.

Where to get help

Organisations that have been impacted, suspect impact or require advice and assistance can contact us via 1300 CYBER1 (1300 292 371).

Was this helpful?
Yes this was helpful
No this was not helpful

Thanks for your feedback!

We welcome additional feedback below.

Was this information easy to understand?
Will you take action after reading this?
Did you find the information you were looking for?
Did the design and layout of this page meet your expectations?