Microsoft on Tuesday introduced the discharge of patches for 173 distinctive CVEs in its merchandise, together with two flaws which have been exploited within the wild. Patches had been additionally launched for 21 non-Microsoft CVEs.
The primary exploited concern, tracked as CVE-2025-24990 (CVSS rating of seven.8), is described as an untrusted pointer dereference bug that may be exploited for privilege escalation.
The safety defect impacts the Agere Modem driver that ships with supported Home windows iterations and will enable attackers to acquire administrative privileges on a weak system.
Microsoft’s October 2025 cumulative replace for Home windows methods removes the weak ltmdm64.sys driver, which can be impacted by CVE-2025-24052, an elevation of privilege weak point for which a proof-of-concept (PoC) exploit exists.
The second exploited vulnerability, CVE-2025-59230 (CVSS rating of seven.8), is described as an improper entry management in Home windows Distant Entry Connection Supervisor that might enable attackers to raise their privileges.
“An attacker who efficiently exploited this vulnerability may acquire SYSTEM privileges,” Microsoft notes, with out sharing particulars on the noticed exploitation.
Of the 173 distinctive Microsoft CVEs within the October 2025 advisory, solely 5 are critical-severity bugs. The corporate warns that roughly a dozen of those flaws are more likely to be exploited in assaults.
Of the 21 non-Microsoft CVEs within the October advisory, no less than one has been exploited within the wild. Tracked as CVE-2025-47827 and impacting IGEL OS, it might result in a Safe Boot bypass.Commercial. Scroll to proceed studying.
The defect resides within the igel-flash-driver module’s improper verification of a cryptographic signature, permitting attackers to mount a crafted root filesystem from an unverified SquashFS picture.
The US cybersecurity company CISA on Tuesday added all three exploited vulnerabilities to its KEV listing, urging federal businesses to handle them inside three weeks, as mandated by the Binding Operational Directive (BOD) 22-01.
One other flaw patched this month and price mentioning is CVE-2025-2884, a medium-severity out-of-bounds learn concern within the Trusted Platform Module (TPM) 2.0 reference library specification maintained by the Trusted Computing Group (TCG).
Microsoft additionally included in its advisory CVE-2025-0033, known as RMPocalypse, a race situation that may be exploited to interrupt the confidential computing ensures of AMD processors, and CVE-2025-59489, a bug within the gaming and utility editor Unity that might result in code execution.
Associated: CISO Conversations: Are Microsoft’s Deputy CISOs a Signpost to the Future?
Associated: All Microsoft Entra Tenants Have been Uncovered to Silent Compromise through Invisible Actor Tokens: Researcher
Associated: Senator Urges FTC Probe of Microsoft Over Safety Failures
Associated: Microsoft Patches 86 Vulnerabilities
