Microsoft Windows Security Updates for October 2025 are now available

[harlan4096]

Welcome to the "end of support for Windows 10" edition of our monthly overview of Microsoft security updates for Windows. Microsoft has released the last official security update for Windows 10 and also updates for Windows 11 and other company products, including Microsoft Office.

If you do run Windows 10, you may want to check out the options that you have. In short, best option for most users is probably to subscribe to ESU to get another year of support.

Microsoft Windows Security Updates: October 2025You may download the following Excel spreadsheet to get a list of released updates. Click on the following link to download the archive to the local device: Windows October 2025 security updates

Executive Summary

• Microsoft released a total of 175 security updates for various Microsoft products and 21 security update for non-Microsoft issues (e.g. Chromium).
  
• Windows clients with issues:
  • Windows 10: none
    
  • Windows 11: 24H2 and 25H2
    
• Windows Server clients with issues:
  • Windows Server 2008
    

Product overview

Each supported version of Windows and their critical vulnerabilities are listed below.

• Windows 10 version 22H2: 97 vulnerabilities, 2 critical, 95 important
  • MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability -- CVE-2016-9535
    
  • Plus Microsoft Graphics Component Elevation of Privilege Vulnerability -- CVE-2025-49708
    
• Windows 11 version 23H2: 107 vulnerabilities, 2 critical, 105 important
  • Same as Windows 10 version 22H2.
    
• Windows 11 version 24H2: 124 vulnerabilities, 2 critical, 121 important, and 1 moderate
  • Same as Windows 10 version 22H2.
    
• Windows 11 version 25H2: 116 vulnerabilities, 2 critical, 114 important
  • Same as Windows 10 version 22H2.
    

Windows Server products

• Windows Server 2008 R2 (extended support only): 37 vulnerabilities: 1 critical,  36 important
  • MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability -- CVE-2016-9535
    
• Windows Server 2016: 73 vulnerabilities: 2 critical, 71 important
  • MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability -- CVE-2016-9535
    
  • Windows Server Update Service (WSUS) Remote Code Execution Vulnerability -- CVE-2025-59287
    
• Windows Server 2019: 95 vulnerabilities: 3 critical, 92 important
  • Same as Windows Server 2016.
    
  • Plus Microsoft Graphics Component Elevation of Privilege Vulnerability -- CVE-2025-49708
    
• Windows Server 2022: 103 vulnerabilities: 3 critical, 99 important, and 1 moderate
  • Same as Windows Server 2019.
    
• Windows Server 2025:  130 vulnerabilities: 3 critical, 126 important, and 1 moderate
  • Same as Windows Server 2019.
    

Continue Reading...