由于Windows 10和Server 2019到达寿命末期,微软释放了175+缺陷的紧急补丁,包括3个主动零日。 Microsoft releases urgent patches for 175+ flaws, including three active zero-days, as Windows 10 and Server 2019 reach end-of-life.

微软2025年10月的《周二补丁》在Windows、Azure和其他产品,包括三个被积极利用的零日缺陷,解决了超过175个脆弱性。 Microsoft's October 2025 Patch Tuesday addresses over 175 vulnerabilities across Windows, Azure, and other products, including three actively exploited zero-day flaws. 关键问题包括Windows远程访问连接管理器中的特权升级,IGEL OS中的安全引导绕过,以及WSUS中的可虫的远程代码执行漏洞. Critical issues include a privilege escalation in Windows Remote Access Connection Manager, a Secure Boot bypass in IGEL OS, and a wormable remote code execution flaw in WSUS. Agere调制解调器驱动器和TPM 2.0的3个零天执行程序也正在开发,促使微软使受影响的驱动器失能。 Three zero-days in the Agere modem driver and TPM 2.0 implementation are also being exploited, prompting Microsoft to disable the affected driver. 影响云系统的未排出AMD EPYC处理器缺陷仍令人关切。 An unpatched AMD EPYC processor flaw affecting cloud systems remains a concern. Windows 10和Server 2019在支助结束时收到最后的安全更新。 Windows 10 and Server 2019 receive final security updates as support ends. Adobe和SAP还释放了重要的补丁。 Adobe and SAP also released critical patches. 敦促各组织将立即进行更新列为优先事项。 Organizations are urged to prioritize immediate updates.