Latest Windows 10 Updates: Microsoft Patches 173 Vulnerabilities, Including Six Zero-Days
As part of October’s Patch Tuesday, Microsoft has released fixes for 173 vulnerabilities across its products, including six zero-day flaws and two vulnerabilities already under active exploitation.
Overview of Zero-Days and Actively Exploited Bugs
This month’s updates address two publicly disclosed zero-day vulnerabilities in Windows SMB Server and Microsoft SQL Server, along with three bugs that were confirmed to be exploited in real-world attacks.
Microsoft classifies a vulnerability as a zero-day if information about it becomes public before a fix is released, or if it is already being used in active attacks. Below are the three vulnerabilities that have been weaponized by threat actors.
CVE-2025-24990 — Agere Modem Driver Elevation of Privilege
An elevation of privilege vulnerability was found in the Agere modem driver (ltmdm64.sys) for Windows.
Microsoft has removed the vulnerable driver entirely, as it was being exploited by attackers to gain administrator-level privileges.
The company warns that removing this driver will render any associated modem hardware nonfunctional.
The flaw affects all versions of Windows, and exploitation does not require the presence of a modem.
Notably, the vulnerability appears to have been publicly disclosed before the patch release.
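Since the fix consists of removing ltmdm64.sys, a host can be checked for leftover copies after patching. The PowerShell below is an added example, not code from the article or from Microsoft; the two directory paths are assumed standard Windows locations and the report field names are illustrative.

```powershell
# Added example: report whether the Agere modem driver named in
# CVE-2025-24990 is still present on the local host after patching.
$driverFile = 'ltmdm64.sys'   # file name as given in the article

# Assumption: standard Windows driver locations; adjust for custom images.
$livePath  = Join-Path $env:SystemRoot "System32\drivers\$driverFile"
$storePath = Join-Path $env:SystemRoot 'System32\DriverStore\FileRepository'

# 1. Driver binary in the live drivers directory
$onDisk = Test-Path -LiteralPath $livePath

# 2. Kernel driver services whose image path ends in the file name
$services = @(Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like "*\$driverFile" })

# 3. Staged copies left in the driver store
$staged = @(Get-ChildItem -LiteralPath $storePath -Recurse -File -Filter $driverFile -ErrorAction SilentlyContinue)

# Version of the live binary, if any, for the inventory record
$version = $null
if ($onDisk) {
    $version = (Get-Item -LiteralPath $livePath).VersionInfo.FileVersion
}

$report = [pscustomobject]@{
    Host          = $env:COMPUTERNAME
    LiveDriver    = $onDisk
    FileVersion   = $version
    Services      = ($services | ForEach-Object { "$($_.Name) [$($_.State), $($_.StartMode)]" }) -join '; '
    StagedCopies  = ($staged | ForEach-Object { $_.FullName }) -join '; '
    DriverPresent = ($onDisk -or ($services.Count -gt 0) -or ($staged.Count -gt 0))
}

# DriverPresent = True means at least one location still holds the driver.
$report | Format-List
```

Because the article notes that exploitation does not require a modem, the check applies to every Windows host, not only those with Agere hardware.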
CVE-2025-59230 — Remote Access Connection Manager Elevation of Privilege
A second elevation of privilege vulnerability affects Windows Remote Access Connection Manager.
According to Microsoft:
“An improper access control in Windows Remote Access Connection Manager allowed an authenticated attacker to elevate privileges locally.”
Exploitation of this bug grants SYSTEM-level privileges, making it particularly attractive for post-exploitation activities such as persistence or lateral movement.
CVE-2025-47827 — Secure Boot Bypass in IGEL OS
The third major flaw involves a Secure Boot bypass in IGEL OS versions prior to 11.
As researchers explained:
“In IGEL OS prior to version 11, the igel-flash-driver module failed to properly validate cryptographic signatures, allowing a specially crafted root filesystem from an untrusted SquashFS image to be mounted.”
This vulnerability (discovered and publicly described on GitHub by security researcher Zack Didcott) has been addressed through Microsoft’s coordinated updates.
Microsoft notes that the October Patch Tuesday release includes fixes for IGEL OS as part of its “Security Update Guide Supports CVEs Assigned by Industry Partners” program.
End of Free Security Updates for Windows 10
Microsoft also confirmed that October 14, 2025, marks the official end of free support for Windows 10.
This Patch Tuesday is therefore the final release of complimentary security updates for the operating system.
Users who wish to continue receiving patches must subscribe to the Extended Security Updates (ESU) program:
- Regular consumers can purchase a one-year ESU subscription
- Enterprise customers can subscribe for up to three years