On October 14, 2025, Microsoft released its October 2025 security update, addressing 175 newly disclosed vulnerabilities. Arctic Wolf has highlighted three vulnerabilities affecting Microsoft Windows in this security bulletin due to their potential risk.
Vulnerabilities
| Vulnerability | CVSS | Description | Exploited? |
| CVE-2025-24990 | 7.8 | Windows Agere Modem Driver Elevation of Privilege Vulnerability– This vulnerability lies in the Agere modem driver (ltmdm64.sys) that ships natively with supported Windows operating systems and has been removed in the October cumulative update. A local threat actor could exploit this vulnerability to gain administrator privileges; systems can be affected even if the modem is not actively used.
|
Yes |
| CVE-2025-59230 | 7.8 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability – An improper access control flaw in Windows Remote Access Connection Manager allows an authorized threat actor to elevate privileges locally. | Yes |
| CVE-2025-59287 | 9.8 | Windows Server Update Service (WSUS) Remote Code Execution Vulnerability – A deserialization of untrusted data flaw in Windows Server Update Services (WSUS) allows remote, unauthenticated threat actors to achieve remote code execution via a crafted event. | No |
End of Support for Windows 10
Microsoft announced that Windows 10 has reached end of support as of October 14, 2025, meaning it will no longer receive technical assistance, feature updates, or security patches. While the operating system can still be used, Arctic Wolf strongly recommends upgrading to Windows 11 where feasible to ensure continued protection, maintained compatibility with modern applications, and avoid potential security vulnerabilities arising from unpatched operating system components.
Recommendation
Upgrade to Latest Fixed Versions
Arctic Wolf strongly recommends that customers upgrade to the latest fixed versions.
| Affected Product | Vulnerability | Update Article |
| Windows 10 Version 1607 for 32-bit, and x64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066836 |
| Windows 10 Version 1809 for 32-bit, and x64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066586 |
| Windows 10 Version 21H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066791 |
| Windows 10 Version 22H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066791 |
| Windows 11 Version 22H2 for x64-based, and ARM64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066793 |
| Windows 11 Version 23H2 for x64-based, and ARM64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066793 |
| Windows 11 Version 24H2 for x64-based, and ARM64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066835 |
| Windows 11 Version 25H2 for x64-based, and ARM64-based Systems | CVE-2025-24990, CVE-2025-59230 | 5066835 |
| Windows Server 2008 for 32-bit and x64-based Systems Service Pack 2 | CVE-2025-24990, CVE-2025-59230 | 5066874, 5066877 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | CVE-2025-24990, CVE-2025-59230 | 5066872, 5066876 |
| Windows Server 2012 | CVE-2025-24990, CVE-2025-59230, CVE-2025-59287 | 5066875 |
| Windows Server 2012 R2 | CVE-2025-24990, CVE-2025-59230, CVE-2025-59287 | 5066873 |
| Windows Server 2016 | CVE-2025-24990, CVE-2025-59230, CVE-2025-59287 | 5066836 |
| Windows Server 2019 | CVE-2025-24990, CVE-2025-59230, CVE-2025-59287 | 5066586 |
| Windows Server 2022 | CVE-2025-24990, CVE-2025-59230, CVE-2025-59287 | 5066782 |
| Windows Server 2022, 23H2 Edition | CVE-2025-24990, CVE-2025-59230, CVE-2025-59287 | 5066780 |
| Windows Server 2025 | CVE-2025-24990, CVE-2025-59230, CVE-2025-59287 | 5066835 |
Please follow your organization’s patching and testing guidelines to minimize potential operational impact.
References
Resources
Understand the threat landscape with our annual review highlighting cyber threats with the 2025 Security Operations Report.
See how Arctic Wolf utilizes threat intelligence to harden your attack surface and stop threats earlier and faster.
