Microsoft Patches 172 Flaws, 3 Zero-Days in October

Microsoft’s October 2025 Patch Tuesday rolled out fixes for 172 security flaws, the largest monthly total so far this year. Among those addressed, eight were rated critical, three were zero-day vulnerabilities actively exploited in the wild, and two had been publicly disclosed prior to the update. The company’s response underscores the growing priority on mitigating threats quickly and comprehensively. Microsoft patches 172 flaws in this release, highlighting an aggressive effort to reduce system exposure.

Notable vulnerabilities include CVE-2025-59292, CVE-2025-59291, and CVE-2025-59287, all categorized with heightened severity. The update also covers longstanding issues such as CVE-2016-9535. Security analysts emphasized the importance of immediate deployment, given the presence of actively exploited zero-days. Microsoft patches 172 flaws this cycle, reinforcing the urgency for organizations to update their systems without delay.

For a complete breakdown of the vulnerabilities and detailed analysis, read the full report at the following link:
https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-october-2025/