Microsoft and Adobe Patch Tuesday, October 2025 security update
As cybersecurity threats evolve, Microsoft's October 2025 Patch Tuesday offers one of the most comprehensive security updates of the year. Here's a quick breakdown of what you need to know.
Microsoft Patch Tuesday October 2025
This month's release fixes an incredible 193 vulnerabilities, including 9 critical vulnerabilities and 123 high severity vulnerabilities.
In this month's updates, Microsoft has addressed six zero-day vulnerabilities. Of these, four were publicly acquired and two were disclosed.
Microsoft has addressed 14 vulnerabilities in Microsoft Edge (Chromium) in this month's update.
This class is at the end of the EDAT scene at the end of an era, including the Windows 3 KB506711 Currency Update update.
Microsoft Patch Tuesday, October version, with new items for Windows NTTFS ORKT, a new Sworte Manager for Windows (LSM Medine Manager (LSM House Manager) (LSM House Manager (LSM Power Server.
From privilege escalation flaws to remote code execution risks, this month's fixes are essential for organizations aiming to maintain a strong security posture.
The October 2025 Microsoft vulnerabilities are classified as follows:
|Vulnerability Category |Quantity |Severities |
|---|---|---|
|Spoofing Vulnerability |10 |Important: 10 |
|Security Feature Bypass |11 |Important: 11 |
|Denial of Service Vulnerability |11 |Important: 11 |
|Elevation of Privilege Vulnerability |81 |Critical: 3, Important: 78 |
|Information Disclosure Vulnerability |28 |Important: 28 |
|Remote Code Execution Vulnerability |31 |Critical: 5, Important: 26 |
Adobe patches for October 2025
Adobe has released 12 security advisories to address 36 vulnerabilities in Adobe Connect, Adobe Commerce, Adobe Creative Cloud Desktop Application, Adobe Bridge, Adobe Animate, Adobe Experience Manager Screens, Substance 3D Viewer, Substance 3D Modeler, Adobe FrameMaker, Adobe Illustrator, Adobe Dimension, and Substance 3D Stager. 24 of these vulnerabilities are given critical severity ratings. Successful exploitation of these vulnerabilities may lead to privilege escalation, security feature bypass, and arbitrary code execution.
Zero-day vulnerabilities patched in the October Patch Tuesday edition
CVE-2025-24990: Windows Agere Modem Driver Elevation of Privilege Vulnerability
The Windows Agere modem driver is a software component that allows a computer to communicate with an Agere (or LSI) modem, often a dial-up or fax modem built into older computers.
The vulnerability exists in the third-party Agere Modem driver that ships with supported Windows operating systems. The driver was removed in the October cumulative update. Successful exploitation of the vulnerability could allow an attacker to gain administrative privileges.
CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog, urging users to patch before November 4, 2025.
CVE-2025-59230: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Windows Remote Access Connection Manager (RasMan) is a core Windows service that manages remote access and virtual private network (VPN) connections so that your computer can securely connect to remote networks.
An improper access control flaw in Windows Remote Access Connection Manager could allow an authenticated attacker to elevate privileges locally. After successful exploitation of the vulnerability, an attacker can gain SYSTEM privileges.
CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog, urging users to patch before November 4, 2025.
CVE-2025-24052: Windows Agere Modem Driver Elevation of Privilege Vulnerability
The vulnerability exists in the third-party Agere Modem driver that ships natively with supported Windows operating systems. The driver was removed in the October cumulative update. Successful exploitation of the vulnerability could allow an attacker to gain administrative privileges.
CVE-2025-2884: CERT/CC: CVE-2025-2884 Out-of-bounds read vulnerability in the TCG TPM2.0 reference implementation
In the advisory, Microsoft mentioned that CVE-2025-2884 concerns a vulnerability in the CryptHmacSign helper function of the TCG TPM2.0 reference implementation, which is vulnerable to an out-of-bounds read because the signature scheme is not validated against the signature key's algorithm.
"CERT/CC created this CVE on their behalf. The documented Windows updates incorporate updates in the TCG TPM2.0 reference implementation which address this vulnerability."
CVE-2025-47827: MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11
"In IGEL OS before 11, Secure Boot can be bypassed because the flash driver module does not properly verify a cryptographic signature," Microsoft explains.
CVE-2025-0033: AMD CVE-2025-0033: RMP corruption during SNP initialization
The vulnerability is in AMD EPYC processors that use Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP). It involves a race condition during Reverse Map Table (RMP) initialization that could allow a malicious or compromised hypervisor to modify RMP entries before they are locked, potentially impacting the integrity of SEV-SNP guest memory. This vulnerability does not expose data or secrets in plain text and requires privileged control of the hypervisor to exploit.
Critical severity vulnerabilities patched in the October Patch Tuesday edition
CVE-2025-59234: Microsoft Office Remote Code Execution Vulnerability
A use-after-free flaw in Microsoft Office could allow an unauthorized attacker to execute code locally. An attacker must send a user a malicious file and convince the user to open it.
CVE-2025-49708: Microsoft Graphics Component Elevation of Privilege Vulnerability
A use-after-free flaw in the Microsoft Graphics component could allow an authenticated attacker to execute code over a network. By successfully exploiting the vulnerability, an attacker could gain SYSTEM privileges.
CVE-2025-59291: Confidential Azure Container Instances Elevation of Privilege Vulnerability
External control of file name or path in Azure Compute Gallery could allow an authenticated attacker to elevate privileges locally. An attacker could trick the system into mounting a malicious file share to a sensitive location, leading to remote code execution.
CVE-2025-59292: Azure Compute Gallery elevation of privilege vulnerability
Azure Compute Gallery is a service for centrally creating, managing, and sharing Virtual Machine (VM) images and other computing resources within and across organizations.
External control of file name or path in Azure Compute Gallery could allow an authenticated attacker to elevate privileges locally. An attacker can trick the system into mounting a malicious file share, leading to remote code execution.
CVE-2025-59227: Microsoft Office Remote Code Execution Vulnerability
A use-after-free flaw in Microsoft Office could allow an unauthorized attacker to execute code locally.
CVE-2025-59287: Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
Windows Server Update Service (WSUS) is a feature of Windows Server that allows IT administrators to manage the download and delivery of Microsoft product updates to computers on a local network.
Unauthenticated attackers can execute code over the network through deserialization of untrusted data in the Windows Server Update Service. An unauthenticated remote attacker can send a crafted event that triggers unsafe object deserialization in a legacy serialization mechanism. This leads to remote code execution.
CVE-2016-9535: MITRE CVE-2016-9535: LibTIFF heap buffer overflow vulnerability
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile sizes such as YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."
CVE-2025-59236: Remote code execution vulnerability in Microsoft Excel
A use-after-free flaw in Microsoft Office could allow an unauthorized attacker to execute code locally.
CVE-2025-59246: Azure Entra ID elevation of privilege vulnerability.
Successful exploitation of the vulnerability could allow an attacker to elevate account privileges.
Other Microsoft vulnerability highlights
- CVE-2025-48004 is an elevation of privilege vulnerability in the Microsoft Brokering File System. An attacker must win a race condition to exploit the vulnerability. If successfully exploited, an attacker can gain SYSTEM privileges.
- An information disclosure vulnerability in the Windows USB video system driver. Successful exploitation of the vulnerability may allow the disclosure of specific memory addresses in kernel space.
- A read error that could allow an attacker to gain SYSTEM privileges.
- CVE-2025-58722 is an elevation of privilege vulnerability in the Microsoft DWM Core Library. A heap-based buffer overflow in Windows DWM can allow an attacker to gain SYSTEM privileges.
- CVE-2025-59191 is an elevation of privilege vulnerability in the Software Protection Platform. An improper access control flaw could allow an attacker to elevate privileges locally.
- CVE-2025-55680 is an elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver. Upon successful exploitation, the attacker can gain SYSTEM privileges.
- CVE-2025-55692 is an elevation of privilege vulnerability in the Windows Error Reporting Service. An attacker who exploited this vulnerability could gain administrative privileges.
- CVE-2025-55693 is an elevation of privilege vulnerability in the Windows Kernel. An attacker must win a race condition to exploit this vulnerability. An attacker who successfully exploits this vulnerability could crash the system, even as a standard user.
- CVE-2025-55694 is an elevation of privilege vulnerability in the Windows Error Reporting Service. An attacker who exploited this vulnerability could gain administrative privileges.
- CVE-2025-59194 is an elevation of privilege vulnerability in the Windows Kernel. An attacker would need to win a race condition to exploit this vulnerability. Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges locally.
- CVE-2025-59502 is a denial of service vulnerability in Windows Remote Procedure Call. An uncontrolled resource consumption flaw could allow an unauthenticated attacker to cause a denial of service over the network.
Microsoft release summary
This month’s release notes cover multiple Microsoft product families and products/versions affected, including, but not limited to, Agere Windows Modem Driver, Microsoft PowerShell, Windows Failover Cluster, Azure Connected Machine Agent, Microsoft Brokering File System, Virtual Secure Mode, Microsoft Graphics Component, Windows Kernel, Windows Device Association Broker service, Windows Digital Media, Windows Hello, Windows Virtualization-Based Security (VBS) Enclave, Xbox, Microsoft Exchange Server, Visual Studio, .NET, .NET, .NET Framework, Visual Studio, ASP.NET Core, Microsoft Configuration Manager, Azure Monitor, Windows Storage Management Provider, Connected Devices Platform Service (Cdpsvc), Windows Hyper-V, Windows BitLocker, Windows PrintWorkflowUserSvc, Windows NDIS, Windows USB Video Driver, Windows DirectX, Windows DWM, Windows Resilient File System (ReFS), Windows Error Reporting, Windows WLAN Auto Config Service, NtQueryInformation Token function (ntifs.h), Azure Local, Windows Routing and Remote Access Service (RRAS), Microsoft Windows, Windows Ancillary Function Driver for WinSock, Microsoft Windows Speech, Remote Desktop Client, Windows Cryptographic Services, Windows COM, Windows SMB Server, Windows Connected Devices Platform Service, Windows Bluetooth Service, Inbox COM Objects, Windows Remote Desktop, Windows File Explorer, Windows High Availability Services, Windows Core Shell, Microsoft Windows Search Component, Storport.sys Driver, Windows Management Services, Windows SSDP Service, Windows ETL Channel, Software Protection Platform (SPP), Data Sharing Service Client, Network Connection Status Indicator (NCSI), Windows StateRepository API, Windows Resilient File System (ReFS) Deduplication Service, Windows MapUrlToZone, Windows Push Notification Core, Azure Entra ID, Microsoft Office Word, Microsoft Office Excel, Microsoft Office Visio, Microsoft Office, Microsoft Office SharePoint, Windows Remote Access Connection Manager, Microsoft Office 
PowerPoint, Windows Health and Optimized Experiences Service, Azure PlayFab, JDBC Driver for SQL Server, Copilot, Windows DWM Core Library, Active Directory Federation Services, Microsoft Failover Cluster Virtual Driver, Redis Enterprise, Windows Authentication Methods, Windows SMB Client, XBox Gaming Services, Azure Monitor Agent, Windows Server Update Service, GitHub, Confidential Azure Container Instances, Windows Taskbar Live, Internet Explorer, Microsoft Defender for Linux, Windows Remote Procedure Call, AMD Restricted Memory Page, Microsoft Edge (Chromium-based), TCG TPM2.0, Windows Secure Boot, Microsoft Windows Codecs Library, and Games.
Discover and prioritize vulnerabilities in Vulnerability Management, Detection and Response (VMDR)
Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its KnowledgeBase (KB).
You can see all your hosts affected by these vulnerabilities using the following QQL query:
vulnerabilities.vulnerability: ( qid: 110508 or qid: 110509 or qid: 385525 or qid: 385526 or qid: 385527 or qid: 50143 or qid: 92311 or qid: 92312 or qid: 92313 or qid: 92314 or qid: 92315 or qid: 92316 or qid: 92317 or qid: 92318 or qid: 92319 or qid: 92321 )
Rapid response with TruRisk™ Eliminate
Patch to the latest version
VMDR rapidly remediates Windows hosts by deploying the most relevant and applicable patch versions. You can simply select the respective QIDs in the patch catalog, filter on the "Missing" patches to be deployed, and click.
The following QQL returns the missing patches for this Patch Tuesday:
( qid: 110508 or qid: 110509 or qid: 385525 or qid: 385526 or qid: 385527 or qid: 50143 or qid: 92311 or qid: 92312 or qid: 92313 or qid: 92314 or qid: 92315 or qid: 92316 or qid: 92317 or qid: 92318 or qid: 92319 or qid: 92321 )
Mitigation: reduce risk until you can remediate
Not all teams can apply patches immediately due to operational challenges. TruRisk™ Eliminate allows security teams to implement mitigating controls that immediately reduce exposure and lower the Qualys Detection Score (QDS).
As the first set of our mitigation signature package, we have developed Qualys mitigations for the following 61 vulnerabilities:
CVE-2025-55247, CVE-2025-55315, CVE-2025-58719, CVE-2025-59191, CVE-2025-55326, CVE-2025-59295, CVE-2025-59189, CVE-2025-48004, CVE-2025-11207, CVE-2025-11209, CVE-2025-11211, CVE-2025-11460, CVE-2025-11458, CVE-2025-11212, CVE-2025-11208, CVE-2025-11219, CVE-2025-11215, CVE-2025-11216, CVE-2025-11213, CVE-2025-11210, CVE-2025-11206, CVE-2025-11205, CVE-2025-59249, CVE-2025-53782, CVE-2025-59248, CVE-2025-49708, CVE-2025-59205, CVE-2025-59261, CVE-2025-59195, CVE-2025-59253, CVE-2025-59198, CVE-2025-59190, CVE-2025-58714, CVE-2025-59242, CVE-2025-58727, CVE-2025-55681, CVE-2025-58722, CVE-2025-59255, CVE-2025-59254, CVE-2025-55694, CVE-2025-55692, CVE-2025-55328, CVE-2025-55335, CVE-2025-59284, CVE-2025-55331, CVE-2025-55685, CVE-2025-55690, CVE-2025-55686, CVE-2025-55689, CVE-2025-55684, CVE-2025-55691, CVE-2025-55688, CVE-2025-59209, CVE-2025-59211, CVE-2025-55687, CVE-2025-59210, CVE-2025-59206, CVE-2025-58717, CVE-2025-55700, CVE-2025-59287, and CVE-2025-53717.
Automated risk elimination and faster response: Meet Agent Sara
To further accelerate your response, Qualys introduces Agent Sara, designed to automate the entire Patch Tuesday vulnerability remediation lifecycle. Agent Sara intelligently identifies, prioritizes, and fixes vulnerabilities, reducing manual effort and ultimately your current MTTR.
Learn more about how Agentic AI can change your patch strategy.
Evaluate vendor-suggested mitigation with Policy Audit
With Qualys Policy Audit's out-of-the-box mitigation or compensating controls, you can reduce the risk of a vulnerability being exploited when remediation (fix/patch) cannot be done now; these security controls are not recommended by any industry standards such as CIS or DISA-STIG.
The Qualys Policy Audit team releases these exclusive controls based on vendor-suggested mitigations/workarounds.
Mitigation refers to a setting, common configuration, or general best practice, existing in a default state, that can reduce the severity of a vulnerability's exploitation.
A workaround is a method, sometimes used temporarily, for achieving a task when the usual or planned method is not working. Information technology often uses a workaround to overcome hardware, programming, or communication problems. Once the problem is fixed, the workaround is usually abandoned.
More than what is written on the ID card
CVE-2025-59282: Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
This vulnerability has a CVSS:3.1 score of 7.0 / 6.1.
Policy Audit Control IDs (CIDs):
- 11511 List of installed features on the system
The QQL below returns the posture assessment for the CIDs for this Patch Tuesday:
CVE-2025-58718: Remote Desktop Client remote code execution vulnerability
This vulnerability has a CVSS:3.1 score of 8.8 / 7.7.
Policy Audit Control IDs (CIDs):
- 3875 Status of the "Allow drive redirection" setting (Terminal Services)
- 4123 Status of the "Do not allow COM port redirection" Group Policy setting
- 4124 Status of the "Do not allow LPT port redirection" Group Policy setting
- 4125 Status of the "Do not allow supported Plug and Play device redirection" Group Policy setting
The following QQL returns the posture assessment for the CIDs for this Patch Tuesday:
control.id: [3875, 4123, 4124, 4125]
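To spot-check the same four redirection settings on a single Windows host without the platform, the following added example (not Qualys code) reads the Group Policy registry values that back them. The mapping of each CID to a registry value and the function name Get-RedirectionPolicyState are assumptions made for this illustration.

```powershell
# Added example: audit the Remote Desktop device-redirection policies named in
# the controls above. The CID-to-value mapping below is an assumption.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

$Checks = @(
    [pscustomobject]@{ Cid = 3875; Value = 'fDisableCdm';      Setting = 'Do not allow drive redirection' }
    [pscustomobject]@{ Cid = 4123; Value = 'fDisableCcm';      Setting = 'Do not allow COM port redirection' }
    [pscustomobject]@{ Cid = 4124; Value = 'fDisableLPT';      Setting = 'Do not allow LPT port redirection' }
    [pscustomobject]@{ Cid = 4125; Value = 'fDisablePNPRedir'; Setting = 'Do not allow supported Plug and Play device redirection' }
)

function Get-RedirectionPolicyState {
    param([string]$Key = $PolicyKey)

    # A missing key means none of the policies has been configured.
    $props = $null
    if (Test-Path -LiteralPath $Key) {
        $props = Get-ItemProperty -LiteralPath $Key
    }

    foreach ($c in $Checks) {
        $raw = $null
        if ($null -ne $props) { $raw = $props.($c.Value) }

        if ($null -eq $raw) {
            $state = 'NotConfigured'   # no policy value: host defaults apply
        } elseif ($raw -eq 1) {
            $state = 'Enabled'         # policy enabled: this redirection type is blocked
        } else {
            $state = 'Disabled'        # policy disabled: redirection explicitly permitted
        }

        [pscustomobject]@{
            Cid                = $c.Cid
            Setting            = $c.Setting
            RegValue           = $c.Value
            Data               = $raw
            State              = $state
            RedirectionBlocked = ($state -eq 'Enabled')
        }
    }
}

$result = Get-RedirectionPolicyState
$result | Format-Table Cid, Setting, Data, State, RedirectionBlocked -AutoSize

# Summarise which controls still leave redirection available on this host.
$open = @($result | Where-Object { -not $_.RedirectionBlocked })
"{0} of {1} redirection policies are not enforced" -f $open.Count, $result.Count
```

Run it from an elevated or standard PowerShell session on the host being assessed; it only reads the registry and changes nothing.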
The next Patch Tuesday is November 11th, and we'll be back with patch details and analysis. Until next Patch Tuesday, stay safe and secure. Be sure to subscribe to the "This Month in Vulnerabilities and Patches" webinar.
Qualys monthly webinar series
The Qualys research team hosts a monthly webinar series to help our existing customers take advantage of the seamless integration between Vulnerability Management, Detection and Response (VMDR) and Patch Management. Combining these two solutions can reduce the average time to remediate critical vulnerabilities.
During the webinar, we will discuss this month's most important vulnerabilities, including those that are part of this month's Patch Tuesday release. We'll walk you through the steps needed to address the key vulnerabilities using Qualys VMDR and Patch Management.
Join the webinar
This month in vulnerabilities and patches