I've been keeping our SCCM WSUS server updated with every cumulative update since October, but it still shows that it's vulnerable to the WSUS deserialization attack (CVE-2025-59287). Has anyone else encountered this issue? What steps did you take to resolve it?
2 Answers
I applied both the November and December cumulative updates, but got a message saying the OOB patch isn't applicable to my setup. I’d suggest checking the details closely to see if there's a different reason it’s not working for you! Maybe there's a specific condition based on your environment.
It looks like you might have missed the out-of-band (OOB) patch that's specifically mentioned in the vulnerability report. Make sure you check that out since it seems necessary to fix this issue rather than just relying on the cumulative updates.
