October 2025 Patch Tuesday: 175+ CVEs and 6 Zero-Days Fixed

Alan V Gutnov

Director of Strategy

 
October 15, 2025 7 min read

TL;DR

October 2025 Patch Tuesday is packed with security fixes. Microsoft released updates for 193 vulnerabilities, including six zero-days and marking the end of Windows 10 support. Adobe also addressed 36 vulnerabilities across its product suite. These patches are essential for protecting against active threats and securing your systems.

Microsoft and Adobe Patch Tuesday: October 2025 Security Updates

Microsoft's October 2025 Patch Tuesday addresses a significant number of vulnerabilities. This month’s release includes fixes for 193 vulnerabilities, with nine rated as critical and 123 as important. Microsoft's advisory provides a comprehensive list.


Microsoft has addressed six zero-day vulnerabilities, four of which are being actively exploited and two of which are publicly disclosed. This Patch Tuesday marks the end of support for Windows 10, with the KB5066791 cumulative update being the final one for the OS. Details on Extended Security Updates (ESU) are available for those needing continued support.

The updates cover vulnerabilities in various components, including Windows NTFS, Windows Cloud Files Mini Filter Driver, and Windows NTLM. Further affected areas include Windows Remote Desktop Protocol, Windows Remote Desktop Services, and Windows Local Session Manager (LSM).

Adobe Patches

Adobe has released 12 security advisories addressing 36 vulnerabilities across multiple products. Products affected include Adobe Connect, Adobe Commerce, and the Adobe Creative Cloud Desktop Application.

Other updated software includes Adobe Bridge, Adobe Animate, Adobe Experience Manager Screens, Substance 3D Viewer, and Substance 3D Modeler. Patches are also available for Adobe FrameMaker, Adobe Illustrator, Adobe Dimension, and Substance 3D Stager. Of these vulnerabilities, 24 are rated as critical, potentially leading to privilege escalation, security feature bypass, and arbitrary code execution.

Zero-Day Vulnerabilities

Microsoft addressed several zero-day vulnerabilities in this release.

Critical Severity Vulnerabilities

Several critical vulnerabilities were addressed in this update:

Additional Vulnerabilities

Other notable vulnerabilities addressed include:

  • CVE-2025-48004: An elevation of privilege vulnerability in the Microsoft Brokering File System.
  • CVE-2025-55676: An information disclosure vulnerability in the Windows USB Video Class System Driver.
  • CVE-2025-55681: An elevation of privilege vulnerability in Desktop Windows Manager.
  • CVE-2025-58722: An elevation of privilege vulnerability in Microsoft DWM Core Library.
  • CVE-2025-59199: An elevation of privilege vulnerability in the Software Protection Platform (SPP).
  • CVE-2025-55680: An elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver.
  • CVE-2025-55692 & CVE-2025-55694: Elevation of privilege vulnerabilities in the Windows Error Reporting Service.
  • CVE-2025-55693 & CVE-2025-59194: Elevation of privilege vulnerabilities in the Windows Kernel.
  • CVE-2025-59502: A denial-of-service vulnerability in the Remote Procedure Call.

Affected Products

The updates cover a wide range of Microsoft products and versions. These include Agere Windows Modem Driver, Microsoft PowerShell, Windows Failover Cluster, and Azure Connected Machine Agent.

Other affected products are Microsoft Brokering File System, Virtual Secure Mode, Microsoft Graphics Component, Windows Kernel, and Windows Device Association Broker service. Also included are Windows Digital Media, Windows Hello, Windows Virtualization-Based Security (VBS) Enclave, Xbox, Microsoft Exchange Server, Visual Studio, .NET, ASP.NET Core, Microsoft Configuration Manager, and Azure Monitor.

Further updates address Windows Storage Management Provider, Connected Devices Platform Service (Cdpsvc), Windows Hyper-V, Windows BitLocker, Windows PrintWorkflowUserSvc, and Windows NDIS. Also covered are Windows USB Video Driver, Windows DirectX, Windows DWM, Windows Resilient File System (ReFS), Windows Error Reporting, Windows WLAN Auto Config Service, NtQueryInformation Token function (ntifs.h), Azure Local, and Windows Routing and Remote Access Service (RRAS).

The release also includes updates for Microsoft Windows, Windows Ancillary Function Driver for WinSock, Microsoft Windows Speech, Remote Desktop Client, Windows Cryptographic Services, Windows COM, Windows SMB Server, Windows Connected Devices Platform Service, Windows Bluetooth Service, Inbox COM Objects, and Windows Remote Desktop. Furthermore, updates cover Windows File Explorer, Windows High Availability Services, Windows Core Shell, Microsoft Windows Search Component, Storport.sys Driver, Windows Management Services, Windows SSDP Service, Windows ETL Channel, Software Protection Platform (SPP), Data Sharing Service Client, and Network Connection Status Indicator (NCSI).

Additional components receiving updates include Windows StateRepository API, Windows Resilient File System (ReFS) Deduplication Service, Windows MapUrlToZone, Windows Push Notification Core, Azure Entra ID, Microsoft Office Word, Microsoft Office Excel, Microsoft Office Visio, Microsoft Office, Microsoft Office SharePoint, Windows Remote Access Connection Manager, Microsoft Office PowerPoint, Windows Health and Optimized Experiences Service, Azure PlayFab, JDBC Driver for SQL Server, Copilot, Windows DWM Core Library, Active Directory Federation Services, Microsoft Failover Cluster Virtual Driver, Redis Enterprise, Windows Authentication Methods, Windows SMB Client, XBox Gaming Services, and Azure Monitor Agent.

The list continues with Windows Server Update Service, GitHub, Confidential Azure Container Instances, Windows Taskbar Live, Internet Explorer, Microsoft Defender for Linux, Windows Remote Procedure Call, AMD Restricted Memory Page, Microsoft Edge (Chromium-based), TCG TPM2.0, Windows Secure Boot, Microsoft Windows Codecs Library, and Games.

Updates from Other Companies

Several other vendors released updates and advisories in October 2025:

  • Adobe: Released security updates for various products (Adobe Security Bulletins).
  • Cisco: Released patches for Cisco IOS, Cisco Unified Communications Manager, and Cyber Vision Center (Cisco Security Advisories).
  • Draytek: Released a security update for a pre-auth RCE flaw in Vigor routers (Draytek Security Advisory).
  • Gladinet: Warned customers of a CentreStack zero-day being exploited to breach servers (Gladinet CentreStack Advisory).
  • Ivanti: Released security updates for Ivanti Endpoint Manager Mobile (EPMM) and Ivanti Neurons for MDM (Ivanti Security Update).
  • Oracle: Released security updates for actively exploited E-Business Suite zero-days (Oracle Security Alerts).
  • Redis: Released security updates to patch a maximum severity RCE vulnerability (Redis Security Advisory).
  • SAP: Released the October security updates for multiple products (SAP Security Notes).
  • Synacor: Released a security update for a Zimbra Collaboration Suite zero-day (Zimbra Security Fixes).

Ivanti Security Advisories

Ivanti released two updates and one Security Advisory, resolving seven CVEs. The affected products include Ivanti Neurons for MDM and Ivanti Endpoint Manager Mobile. Additional details are available on the Ivanti blog.

Mozilla Updates

Mozilla released five updates resolving 45 CVEs. There is a possibility of exploitation in the wild. All five updates include at least one of the suspected exploit CVEs, so we recommend treating all five as containing a known exploited CVE. Details are in the Mozilla Foundation Security Advisories.
