Microsoft<\/strong> right this moment launched software program updates to plug a whopping 172 safety holes in its Home windows<\/strong> working programs, together with at the very least two vulnerabilities which can be already being actively exploited. October\u2019s Patch Tuesday additionally marks the ultimate month that Microsoft will ship safety updates for Home windows 10<\/strong> programs. In the event you\u2019re working a Home windows 10 PC and also you\u2019re unable or unwilling emigrate to Home windows 11<\/strong>, learn on for different choices.<\/p>\n

$\"\"$ <\/p>\n

The primary zero-day bug addressed this month (CVE-2025-24990<\/a>) includes a third-party modem driver known as Agere Modem that\u2019s been bundled with Home windows for the previous twenty years. Microsoft responded to lively assaults on this flaw by fully eradicating the susceptible driver from Home windows.<\/p>\n

The opposite zero-day is CVE-2025-59230<\/a>, an elevation of privilege vulnerability in Home windows Distant Entry Connection Supervisor<\/strong> (also referred to as RasMan<\/strong>), a service used to handle distant community connections via digital personal networks (VPNs) and dial-up networks.<\/p>\n

\u201cWhereas RasMan is a frequent flyer on Patch Tuesday, showing greater than 20 occasions since January 2022, that is the primary time we\u2019ve seen it exploited within the wild as a zero day,\u201d mentioned Satnam Narang<\/strong>, senior employees analysis engineer at Tenable<\/strong>.<\/p>\n

Narang notes that Microsoft Workplace<\/strong> customers also needs to pay attention to CVE-2025-59227<\/a> and CVE-2025-59234<\/a>, a pair of distant code execution bugs that reap the benefits of \u201cPreview Pane,\u201d which means that the goal doesn\u2019t even have to open the file for exploitation to happen. To execute these flaws, an attacker would social engineer a goal into previewing an e-mail with a malicious Microsoft Workplace doc.<\/p>\n

Talking of Workplace, Microsoft quietly introduced this week<\/a> that Microsoft Phrase<\/strong> will now robotically save paperwork to OneDrive, Microsoft\u2019s cloud platform. Customers who’re uncomfortable saving all of their paperwork to Microsoft\u2019s cloud can change this in Phrase\u2019s settings; ZDNet has a helpful how-to<\/a> on disabling this characteristic.<\/p>\n

Kev Breen<\/strong>, senior director of menace analysis at Immersive<\/strong>, known as consideration to CVE-2025-59287<\/a>, a essential distant code execution bug within the Home windows Server Replace Service\u00a0 (WSUS) \u2014 the exact same Home windows service liable for downloading safety patches for Home windows Server variations. Microsoft says there aren’t any indicators this weak spot is being exploited but. However with a menace rating of 9.8 out of potential 10 and marked \u201cexploitation extra probably,\u201d CVE-2025-59287 may be exploited with out authentication and is a simple \u201cpatch now\u201d candidate.<\/p>\n

\u201cMicrosoft offers restricted data, stating that an unauthenticated attacker with community entry can ship untrusted knowledge to the WSUS server, leading to deserialization and code execution,\u201d Breen wrote. \u201cAs WSUS is a trusted Home windows service that’s designed to replace privileged recordsdata throughout the file system, an attacker would have free rein over the working system and will probably bypass some EDR detections that ignore or exclude the WSUS service.\u201d<\/p>\n

For extra on different fixes from Redmond right this moment, take a look at the SANS Web Storm Heart<\/strong> month-to-month roundup<\/a>, which indexes all the updates by severity and urgency.<\/p>\n

Home windows 10 isn\u2019t the one Microsoft OS that’s reaching end-of-life right this moment;\u00a0Change Server 2016<\/strong>, Change Server 2019<\/strong>, Skype for Enterprise 2016<\/strong>, Home windows 11 IoT Enterprise Model 22H2<\/strong>, and Outlook 2016<\/strong> are a few of the different merchandise that Microsoft is sunsetting right this moment.<\/p>\n

$\"\"$ <\/p>\n

In the event you\u2019re working any Home windows 10 programs, you\u2019ve most likely already decided whether or not your PC meets the technical {hardware} specs advisable for the Home windows 11 OS. In the event you\u2019re reluctant or unable emigrate a Home windows 10 system to Home windows 11, there are options to easily persevering with to make use of Home windows 10 with out ongoing safety updates.<\/p>\n

One possibility is to pay for one more 12 months\u2019s price of safety updates via Microsoft\u2019s Prolonged Safety Updates<\/a> (ESU) program. The fee is simply $30 should you don\u2019t have a Microsoft account, and apparently free should you register the PC to a Microsoft account. This video breakdown<\/a> from Ask Your Laptop Man<\/strong> does a very good job of strolling Home windows 10 customers via this course of. Microsoft emphasizes that ESU enrollment doesn’t present different forms of fixes, characteristic enhancements or product enhancements. It additionally doesn’t include technical help.<\/p>\n

$\"\"$ <\/p>\n
In case your Home windows 10 system is related to a Microsoft account and signed in if you go to Home windows Replace, you need to see an choice to enroll in prolonged updates. Picture: https:\/\/www.youtube.com\/watch?v=SZH7MlvOoPM<\/p>\n<\/div>\n
Home windows 10 customers even have the choice of putting in some taste of Linux as a substitute. Anybody significantly contemplating this feature ought to take a look at the web site endof10.org<\/a>, which features a plethora of suggestions and a DIY set up information.<\/p>\n
Linux Mint <\/strong>is a superb possibility for Linux newbies. Like most fashionable Linux variations, Mint will run on something with a 64-bit CPU that has at the very least 2GB of reminiscence, though 4GB is advisable. In different phrases, it would run on nearly any laptop produced within the final decade.<\/p>\n
Linux Mint is also prone to be essentially the most intuitive interface for normal Home windows customers, and it’s largely configurable with none fuss on the text-only command-line immediate. Mint and different flavors of Linux include LibreOffice<\/strong>, which is an open supply suite of instruments that features purposes much like Microsoft Workplace, and it could open, edit and save paperwork as Microsoft Workplace recordsdata.<\/p>\n
In the event you\u2019d choose to provide Linux a check drive earlier than putting in it on a Home windows PC, you’ll be able to all the time simply obtain it to a detachable USB drive. From there, reboot the pc (with the detachable drive plugged in) and choose the choice at startup to run the working system from the exterior USB drive. In the event you don\u2019t see an possibility for that after restarting, attempt restarting once more and hitting the F8 button, which ought to open an inventory of bootable drives.\u00a0Right here\u2019s a reasonably thorough tutorial<\/a>\u00a0that walks via precisely learn how to do all this.<\/p>\n
And if that is your first time attempting out Linux, loosen up and have enjoyable: The great factor a couple of \u201creside\u201d model of Linux (because it\u2019s known as when the working system is run from a detachable drive similar to a CD or a USB stick) is that none of your adjustments persist after a reboot. Even should you someway handle to interrupt one thing, a restart will return the system again to its authentic state.<\/p>\n
As ever, should you expertise any difficulties throughout or after making use of this month\u2019s batch of patches, please depart a observe about it within the feedback beneath.<\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":"
Microsoft right this moment launched software program updates to plug a whopping 172 safety holes in its Home windows working programs, together with at the very least two vulnerabilities which can be already being actively exploited. October\u2019s Patch Tuesday additionally marks the ultimate month that Microsoft will ship safety updates for Home windows 10 programs. […]<\/p>\n","protected":false},"author":2,"featured_media":7742,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[406,262,2273,1077,211,1078],"class_list":["post-7740","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-edition","tag-krebs","tag-october","tag-patch","tag-security","tag-tuesday"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/7740","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7740"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/7740\/revisions"}],"predecessor-version":[{"id":7741,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/7740\/revisions\/7741"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/7742"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7740"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7740"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7740"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}