Microsoft WSUS Exploits Hit Multiple Firms, Google Says

Google has issued a warning that attackers are actively exploiting Microsoft WSUS vulnerabilities to compromise multiple organizations. The tech giant’s threat intelligence team observed a wave of intrusions targeting Windows Server Update Services, a tool used to manage and distribute Microsoft software updates across enterprise environments.

Threat actors appear to be leveraging flaws in the WSUS system to push malicious updates into internal networks. According to Google’s findings, the attackers bypassed standard security controls and gained elevated privileges by manipulating Microsoft WSUS exploits. These intrusions highlight the growing risks tied to unpatched or misconfigured update services.

Security experts advise organizations to audit their WSUS configurations and apply all relevant patches immediately. Google emphasized that repeated attacks show a clear pattern of exploitation, urging IT teams to remain vigilant. The incidents underscore the need for continuous monitoring and rapid response to suspicious update activities.

Read the full report at:
https://www.theregister.com/2025/10/27/microsoft_wsus_attacks_multiple_orgs/