Zero Day Initiative | Blog
Follow
The October 2025 Security Update Review
Adobe's October patch release addresses 36 CVEs across various products, with Substance 3D Stager, Dimension, and Illustrator updates being particularly important. Microsoft's October Patch Tuesday is massive, featuring 177 new CVEs, making it Microsoft's largest monthly release to date. Sixteen vulnerabilities are rated Critical and the rest Important, with some actively exploited. Three bugs are confirmed under active attack, including Windows Agere Modem Driver and Remote Access Connection Manager elevation of privilege bugs. Another notable vulnerability is a Secure Boot bypass in IGEL OS, warranting attention. The Windows Server Update Service (WSUS) remote code execution vulnerability also poses a significant risk. Microsoft's extensive release could be related to the end of Windows 10 support. The sheer volume underscores the need for prompt testing and deployment of security updates to mitigate risks. The provided list details the specific CVEs, their titles, severity ratings, and current status.