Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws
Microsoft on Tuesday announced the release of patches for 173 unique CVEs in its products, including two flaws that have been exploited in the wild. Patches were also released for 21 non-Microsoft CVEs.
The first exploited issue, tracked as CVE-2025-24990 (CVSS score of 7.8), is described as an untrusted pointer dereference bug that can be exploited for privilege escalation.
The security defect impacts the Agere Modem driver that ships with supported versions of Windows and could allow attackers to obtain administrative privileges on a vulnerable system.
Microsoft’s October 2025 cumulative update for Windows systems removes the vulnerable ltmdm64.sys driver, which is also impacted by CVE-2025-24052, an elevation of privilege weakness for which a proof-of-concept (PoC) exploit exists.
The second exploited vulnerability, CVE-2025-59230 (CVSS score of 7.8), is described as an improper access control issue in Windows Remote Access Connection Manager that could allow attackers to elevate their privileges.
“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft notes, without sharing details on the observed exploitation.
Of the 173 unique Microsoft CVEs in the October 2025 advisory, only five are critical-severity bugs. The company warns that roughly a dozen of these flaws are likely to be exploited in attacks.
Of the 21 non-Microsoft CVEs in the October advisory, at least one has been exploited in the wild. Tracked as CVE-2025-47827 and impacting IGEL OS, it can lead to a Secure Boot bypass.
The defect resides in the igel-flash-driver module’s improper verification of a cryptographic signature, allowing attackers to mount a crafted root filesystem from an unverified SquashFS image.
The US cybersecurity agency CISA on Tuesday added all three exploited vulnerabilities to its KEV list, urging federal agencies to address them within three weeks, as mandated by the Binding Operational Directive (BOD) 22-01.
Another flaw patched this month and worth mentioning is CVE-2025-2884, a medium-severity out-of-bounds read issue in the Trusted Platform Module (TPM) 2.0 reference library specification maintained by the Trusted Computing Group (TCG).
Microsoft also included in its advisory CVE-2025-0033, referred to as RMPocalypse, a race condition that can be exploited to break the confidential computing guarantees of AMD processors, and CVE-2025-59489, a bug in the gaming and application editor Unity that could lead to code execution.
This article was published by Security Week. Please check their website for the original content.