Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws www.bleepingcomputer.com/news/micr…

Today is Microsoft’s October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities.

Other vendors who released updates or advisories in October 2025 include: -Adobe released security updates for various products.

  • Cisco released patches for Cisco IOS, Cisco Unified Communications Manager, and Cyber Vision Center.
  • Draytek released a security update for an pre-auth RCE flaw in several Vigor router models.
  • Gladinet is warning customers of a CentreStack zero-day that was actively exploited to breach servers.
  • Ivanti released security updates for Ivanti Endpoint Manager Mobile (EPMM) and Ivanti Neurons for MDM.
  • Oracle released security updates for two actively exploited E-Business Suite zero-days in a very confusing way.
  • Redis released security updates to patch a a maximum severity RCE vulnerability.
  • SAP released the October security updates for multiple products, including a fix for a maximum severity command execution flaw in Netweaver.
  • Synacor released a security update for a Zimbra Collaboration Suite zero-day exploited to steal data.
Edward Kiledjian @ekiledjian