Microsoft has rolled out security updates as part of its 2025 October Patch Tuesday release addressing a staggering 183 vulnerabilities across its software ecosystem, including three flaws that are currently being exploited in the wild. This is the last security release for Windows 10 as its official support ended on October 14, unless devices are enrolled in the Extended Security Updates (ESU) program.
Two of the exploited vulnerabilities are elevation-of-privilege flaws in core Windows components:
CVE-2025-24990: An untrusted pointer deferense issue in the Agere Modem Driver (ltmdm64.sys), which ships by default in all Windows versions, including Windows Server 2025. Microsoft will remove the vulnerable driver entirely, rather than issue a patch for the legacy component.
CVE-2025-59230: An improper access control issue in the Remote Access Connection Manager (RasMan). This marks the first known zero-day in RasMan to be exploited. Over 20 vulnerabilities in the component have been patched since 2022.
A third actively exploited flaw, CVE-2025-47827, affects IGEL OS versions before 11, allowing Secure Boot bypass. The vulnerability was first detailed in June 2025 by security researcher Zack Didcott.
All three vulnerabilities have been added to the US Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog.
In addition to the above-mentioned flaws, Microsoft has addressed multiple critical and high-risk vulnerabilities affecting Windows Server Update Service (WSUS), Microsoft Windows URL Parsing, Microsoft PowerPoint, Microsoft JDBC Driver for SQL Server, Microsoft RDP, Microsoft Cdpsvc, and other components.
