Fortra's October 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.
Up first on the list are patches for Chromium, Internet Explorer, and Microsoft Edge (Chromium-based) that resolve 15 issues, including use-after-free, heap buffer overflow, inappropriate implementation, and remote code execution vulnerabilities.
Next on the list are patches for Microsoft Office, Word, Excel, PowerPoint, and Visio. These patches resolve 16 issues, including remote code execution and denial-of-service vulnerabilities.
Up next are patches that affect components of the core Windows operating system. These patches resolve over 115 vulnerabilities, including elevation of privilege, spoofing, denial of service, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect Kernel, SMB, RRAS, Bluetooth Service, NFTS, BitLocker, RPC, Cloud Files Mini Filter Driver, NTLM, DWM Core, and various others.
Next are patches for PowerShell, .NET, .NET Framework, and Visual Studio. These patches resolve information disclosure, security feature bypass, and elevation of privilege vulnerabilities.
Lastly, administrators should focus on server-side patches for SharePoint, Hyper-V, Failover Cluster, WSUS, Exchange Server, SMB, Active Directory Federation services, and Remote Desktop. These patches resolve 15 issues including remote code execution, elevation of privilege, spoofing, and information disclosure vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Chromium and Microsoft Edge (Chromium-based) | CVE-2025-11205, CVE-2025-11206, CVE-2025-11207, CVE-2025-11208, CVE-2025-11209, CVE-2025-11210, CVE-2025-11211, CVE-2025-11212, CVE-2025-11213, CVE-2025-11215, CVE-2025-11216, CVE-2025-11219, CVE-2025-11458, CVE-2025-11460 |
| Internet Explorer | CVE-2025-59295 |
| Microsoft Office Word | CVE-2025-59222, CVE-2025-59221 |
| Microsoft Office | CVE-2025-59229, CVE-2025-59227, CVE-2025-59234 |
| Microsoft Office Excel | CVE-2025-59232, CVE-2025-59235, CVE-2025-59223, CVE-2025-59225, CVE-2025-59224, CVE-2025-59243, CVE-2025-59236, CVE-2025-59231, CVE-2025-59233 |
| Microsoft Office PowerPoint | CVE-2025-59238 |
| Microsoft Office Visio | CVE-2025-59226 |
| Windows I | CVE-2025-59214, CVE-2025-58739, CVE-2025-59189, CVE-2025-48004, CVE-2025-59184, CVE-2025-58718, CVE-2025-59275, CVE-2025-59277, CVE-2025-59278, CVE-2025-47827, CVE-2025-59192, CVE-2016-9535, CVE-2025-59195, CVE-2025-49708, CVE-2025-59261, CVE-2025-59205, CVE-2025-59230, CVE-2025-59254, CVE-2025-59255, CVE-2025-59200, CVE-2025-55696, CVE-2025-58724, CVE-2025-47989, CVE-2025-55326, CVE-2025-59191, CVE-2025-58719, CVE-2025-55677, CVE-2025-50174, CVE-2025-55700, CVE-2025-58717, CVE-2025-55687, CVE-2025-59193, CVE-2025-59204, CVE-2025-55681, CVE-2025-58722, CVE-2025-58725, CVE-2025-50175, CVE-2025-53150, CVE-2025-59201, CVE-2025-59210, CVE-2025-59206, CVE-2025-55692, CVE-2025-55694, CVE-2025-59197, CVE-2025-58720, CVE-2025-59257, CVE-2025-59259, CVE-2025-58729, CVE-2025-59196 |
| Windows II | CVE-2025-48813, CVE-2025-53717, CVE-2025-59199, CVE-2025-55693, CVE-2025-59187, CVE-2025-59194, CVE-2025-59207, CVE-2025-50152, CVE-2025-55679, CVE-2025-55699, CVE-2025-55683, CVE-2025-59186, CVE-2025-55334, CVE-2025-24990, CVE-2025-24052, CVE-2025-59284, CVE-2025-59213, CVE-2025-55320, CVE-2025-59294, CVE-2025-59281, CVE-2025-59290, CVE-2025-59289, CVE-2025-58728, CVE-2025-59185, CVE-2025-59244, CVE-2025-55695, CVE-2025-59280, CVE-2025-55701, CVE-2025-59208, CVE-2025-55680, CVE-2025-55336, CVE-2025-55325, CVE-2025-59241, CVE-2025-59502, CVE-2025-59203, CVE-2025-55676, CVE-2025-58715, CVE-2025-58716, CVE-2025-58727, CVE-2025-55338, CVE-2025-55337, CVE-2025-55682, CVE-2025-55330, CVE-2025-55333, CVE-2025-55332, CVE-2025-55335, CVE-2025-55339, CVE-2025-53139, CVE-2025-59286, CVE-2025-59272, CVE-2025-59252, CVE-2025-55698, CVE-2025-55678, |
| Microsoft PowerShell | CVE-2025-25004 |
| .NET, .NET Framework, Visual Studio | CVE-2025-55248, CVE-2025-55315, CVE-2025-55247 |
| Microsoft Office SharePoint | CVE-2025-59228, CVE-2025-59237 |
| Windows Server Update Service | CVE-2025-59287 |
| Windows Hyper-V | CVE-2025-55328 |
| Microsoft Exchange Server | CVE-2025-59249, CVE-2025-53782, CVE-2025-59248 |
| Windows Remote Desktop Services | CVE-2025-59202, CVE-2025-58737, CVE-2025-55340 |
| Windows SMB Server | CVE-2025-58726 |
| Active Directory Federation Services | CVE-2025-59258 |
Strengthen your Security Posture
Mature beyond checkbox compliance and strengthen your security posture.
