Microsoft, others fix hundreds of bugs

More than 200 security flaws have been collectively addressed by Microsoft, Adobe, SAP, and Ivanti as part of this month's Patch Tuesday, according to The Register. Microsoft has fixed over 175 vulnerabilities, three of which are being actively exploited, while 17 others have been designated as critical. Most severe of the bugs is the Window Server Update Services flaw, traced as CVE-2025-59287, which could enable remote, unauthenticated code execution via unsafe object deserialization. Other exploited bugs include CVE-2025-24990 and CVE-2025-59230, both elevation-of-privilege flaws affecting Windows components, and CVE-2025-47827, a Secure Boot bypass in Linux-based IGEL OS. The company also disclosed publicly known issues such as CVE-2025-0033 in AMD EPYC processors, which remains unpatched, and additional flaws in the TPM 2.0 reference code and Agere Modem driver. On the other hand, Adobe released a dozen updates resolving 36 issues, five of which are critical Substance 3D Stager flaws, while SAP addressed 17 security notes, including four critical NetWeaver command execution bugs. Moreover, Ivanti issued patches for Endpoint Manager Mobile and Neurons for MDM, none of which have been exploited. Security teams are urged to deploy the latest patches promptly.