Microsoft Addresses Three Active Zero-Day Vulnerabilities in October Patch

Wednesday, October 15, 2025
Top 5 Cybersecurity Stories You Should Know
- Microsoft Addresses Three Active Zero-Day Vulnerabilities in October Patch — tl;dr: In its October 2025 Patch Tuesday update, Microsoft addressed over 175 vulnerabilities, including three actively exploited zero-days: CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827. CVE-2025-24990 affects a third-party driver for the Agere Modem, allowing admin privilege escalation, while CVE-2025-59230 impacts the Windows Remote Access Connection Manager, enabling attackers to gain SYSTEM-level access. CVE-2025-47827 targets IGEL OS, allowing Secure Boot bypass. Users are urged to update promptly, as these vulnerabilities pose significant risks across various Windows systems and environments.
  ↪ https://www.helpnetsecurity.com/2025/10/15/microsoft-patch-tuesday-zero-days-cve-2025-24990-cve-2025-59230-cve-2025-47827/
- T-Mobile Data Breach Exposes 37 Million Customers; GoDaddy Incident Reported — tl;dr: On October 14, 2025, T-Mobile confirmed a significant data breach affecting the personal data of 37 million customers, with the threat actor still unidentified. Meanwhile, GoDaddy reported unauthorized access to customer accounts, raising concerns about sensitive data exposure. Additionally, a critical vulnerability (CVE-2023-4567) in Microsoft Exchange Server has been identified, allowing remote code execution, with an urgent patch available. Organizations are advised to monitor logs for unusual activities, validate multi-factor authentication policies, and ensure timely patching of critical systems to mitigate risks.
  ↪ https://www.cisoplatform.com/profiles/blogs/cisoplatform-breach-intelligence-oct-14-2025-t-mobile-data-breach
- SimonMed Imaging Data Breach Affects 1.2 Million Patients — tl;dr: SimonMed Imaging has reported a significant data breach impacting over 1.2 million patients, with unauthorized access occurring between January 21 and February 5, 2025. The breach was discovered after a vendor reported a security incident, leading to an investigation that confirmed suspicious activity. While the specific details of the stolen data remain undisclosed, it may include sensitive medical information. Affected individuals are being offered free identity theft protection services. The Medusa ransomware group claimed responsibility for the attack, demanding a ransom, and has since removed SimonMed from its leak site, indicating a possible negotiation.
  ↪ https://www.bleepingcomputer.com/news/security/simonmed-says-12-million-patients-impacted-in-january-data-breach/
- Microsoft Patch Tuesday October 2025: Three Zero-Days Exploited, Urgent Fixes Released — tl;dr: In Microsoft's Patch Tuesday for October 2025, 175 vulnerabilities were addressed, including three actively exploited zero-days: CVE-2025-59230 and CVE-2025-24990, both Elevation of Privilege vulnerabilities rated at 7.8, and CVE-2025-47827, a Secure Boot bypass rated at 4.6. Users of Windows Remote Access Connection Manager and the Agere Modem Driver are particularly at risk, with the latter's driver removed in the cumulative update. This update marks the end of support for Windows 10. Users are advised to apply the updates immediately to mitigate potential threats.
  ↪ https://thecyberexpress.com/patch-tuesday-october-2025-zero-days/
- CVE-2025-61882: Cl0p Exploits Oracle E-Business Suite Zero-Day Vulnerability — tl;dr: The Cl0p ransomware group has exploited CVE-2025-61882, a zero-day vulnerability in Oracle E-Business Suite, leading to significant security concerns for affected organizations. Oracle has released an advisory addressing this flaw, which is actively being exploited in the wild. In addition, a related vulnerability, CVE-2025-61884, has also been identified and included in the advisory. Organizations using Oracle EBS are urged to apply the latest patches promptly and monitor for any suspicious activities to mitigate risks associated with these vulnerabilities.
  ↪ https://www.tenable.com/blog/cve-2025-61882-faq-oracle-e-business-suite-zero-day-cl0p-and-july-2025-cpu