Dd you know you can customize Google to filter out garbage? Take these steps for better search results, including adding my work at Lifehacker as a preferred source.
On the second Tuesday of each month, Microsoft issues a major security update for Windows users, known as “Patch Tuesday.” Some patches are larger than others; it all depends on how many vulnerabilities researchers discovered over the past month. October’s Patch Tuesday update, however, is quite large.
As reported by Bleeping Computer, this latest Patch Tuesday update fixes over 170 security flaws with Windows. That includes 80 elevation of privilege vulnerabilities, 31 remote code execution vulnerabilities, 28 information disclosure vulnerabilities, 11 security feature bypass vulnerabilities, 11 denial of service vulnerabilities, and 10 spoofing vulnerabilities.
Bleeping Computer only includes the patches released by Microsoft itself in its totals for Patch Tuesday numbers. The total number is higher, as there are patches for Azure, Mariner, and vulnerabilities released earlier in October. All in, there are well over 200 patches here.
While all security patches are important, some are more critical than others. To that point, this Patch Tuesday includes fixes for eight vulnerabilities labeled as “Critical”—that includes five remote code execution vulnerabilities, and three elevation of privilege vulnerabilities.
Six zero-days
But even more important than that are the patches for six zero-day vulnerabilities. Zero-days are particularly dangerous, as there are vulnerabilities that are either publicly disclosed or exploited before the software developer has a chance to issue a patch. In this case, there are six zero-days, three publicly disclosed, and three exploited without this current patch, leaving Windows users vulnerable.
What do you think so far?
These are the three exploited vulnerabilities:
-
CVE-2025-24990: Windows Agere Modem Driver Elevation of Privilege Vulnerability: This flaw allowed bad actors to gain administrative privileges via a bad Agere Modem driver. Microsoft has now removed the driver.
-
CVE-2025-59230: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability: This flaw allowed bad actors to gain SYSTEM privileges.
-
CVE-2025-47827: MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11: This flaw allowed bad actors to bypass Secure Boot, a security process that helps prevent malware from loading when a user’s computer starts up.
These are the three publicly disclosed vulnerabilities:
-
CVE-2025-0033 – AMD CVE-2025-0033: RMP Corruption During SNP Initialization: This AMD flaw could impact memory integrity. Microsoft says this fix is not finished yet, and the patches will roll out through Azure Service Health Alerts when they’re ready.
-
CVE-2025-24052 – Windows Agere Modem Driver Elevation of Privilege Vulnerability: This flaw can be used to gain administrative privileges via a Agere Modem Driver. As Bleeping Computer notes, it appears quite similar to CVE-2025-24990.
-
CVE-2025-2884 – Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation: This flaw could have allowed for information disclosure or denial of service of the target’s TPM.
In other Microsoft news, the company has officially ended support for Windows 10. Unless you enroll in Extended Security Updates, your Windows 10 PC will not receive these security patches going forward.
