Microsoft Exchange and SQL Server
Microsoft published a single update for SQL Server this October. This patch (CVE-2025-59250) has been rated important and attempts to resolve an issue with the JDBC integration with Microsoft SQL Server. A server reboot will be required. In addition, Microsoft released three updates to Microsoft Exchange Server (CVE-2025-53782, CVE-2025-59249 and CVE-2025-59248). Add these SQL Server and Exchange Server changes to your standard server update plan.
Developer tools
Six updates were published for Microsoft .NET and Visual Studio, all of them rated important. The update to Git (CVE-2025-54132) might appear odd as it relates to a bug in the Mermaid Diagram tool, but it was created on behalf of Git for publishing reasons. Add these updates to your standard patching schedule.
Adobe (and third-party updates)
Next month, we might see the retirement of this Adobe related section (promises, promises). That said, Microsoft has released seven updates from third-party vendors, including CERT/CC, Mitre and GitHub. It looks like Mitre and AMD are raising these CVE entries on behalf of open source organizations (such as libTiFF) to facilitate the rapid patches of these commonly used components. It’s a good idea. I hope that we see more of this kind of collaboration.
This story originally appeared on Computerworld
