美国网络安全与基础设施安全局（CISA）向全球组织发出警告，微软Windows Server Update Services（WSUS）中存在一个正被积极利用的关键远程代码执行（RCE）漏洞。

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) ...

Microsoft has issued an emergency Windows server security patch to fix a critical severity flaw apparently abused in the wild ...

该漏洞利用了 GetCookie 端点中的遗留序列化机制，其中加密的 AuthorizationCookie 对象使用 AES-128-CBC 解密，并通过 BinaryFormatter 反序列化，无需类型验证，从而为整个系统接管打开了大门。

The Cybersecurity and Infrastructure Security Agency issued updated guidance on a critical vulnerability in Windows Server ...

Security researchers are warning that cyber threat actors are abusing a critical vulnerability in Microsoft Windows Server ...

The Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its ...

Microsoft released out-of-band updates to patch the WSUS vulnerability CVE-2025-59287 and exploitation of the flaw was seen just hours later.

Critical 9.8-rated vulnerability affects Windows Server 2012 - 2025 Governments and private security sleuths warned that ...

Microsoft releases KB5070881, KB5070879, KB5070884 for critical Windows Server vulnerability tracked as CVE-2025-59287 ...

Microsoft confirms Kerberos and NTLM login failures in Windows 11 24H2, 25H2, and Server 2025 due to duplicate SIDs after ...

Microsoft has released an emergency out-of-band security update for Windows Server to address a probable remote code ...