IRONSMITHINTEL
CRITICALCVSS9.8
|CVE-2025-60724|Reboot: not required|Manual only

KB5068861: Windows Server 2025 Security Update (November 2025)

Microsoft addressed this vulnerability in KB5068861 as part of the Nov 2025 security update for Windows Server 2025. See the MSRC advisory for technical details and the manual remediation steps below.

Published Nov 11, 2025 · Updated May 21, 2026
Why patchRisk explained in plain English
Worst-case scenarioIf unpatched

A successful exploit allows an attacker to execute arbitrary code on the affected system. The privileges obtained depend on the vulnerable service or component — consult the CVSS vector and MSRC advisory for impact details.

How the attack works

Windows Server 2025 is affected by a Remote Code Execution vulnerability in Remote Code Execution. Refer to the linked MSRC and NVD advisories for the precise technical description of the affected components, versions, configurations, and prerequisites required for exploitation. (This entry was auto-generated from MSRC source data and has not yet been editorially reviewed.)

Am I affected?Quick check

Probably yes if any of these apply:

Affected OS versions

Windows Server 2025
Real-world incidentsWhat we've seen

No public exploitation details were available for CVE-2025-60724 at the time this entry was ingested from MSRC. Before deciding patch priority, check the CISA Known Exploited Vulnerabilities Catalog, the Microsoft Threat Intelligence Blog, and recent security researcher disclosures for current real-world exploitation status. (This entry was auto-generated from MSRC source data and has not yet been editorially reviewed.)

How to patch

Manual download

For air-gapped servers or out-of-band deployment. Microsoft Update Catalog returns every OS-version variant of this update.

↗ Microsoft Update CatalogKB5068861

Manual remediation steps

Apply the Nov 2025 cumulative update

Install KB5068861 on every affected Windows Server 2025 system via one of the following channels:

    1
    Windows Update / WSUS — standard monthly delivery.
    1
    Microsoft Update Catalog — https://catalog.update.microsoft.com/Search.aspx?q=KB5068861
    1
    SCCM / Intune — deploy through your existing cumulative-update collection.
# Confirm the update is installed
Get-HotFix -Id KB5068861

Reboot once after install per the standard cumulative-update guidance.

This remediation was auto-generated from MSRC source data for CVE-2025-60724 and has not yet been editorially reviewed. A curator may add OS-version-specific notes, prerequisites, or known-issue workarounds.

PowerShell automationComing soon

No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.

References

CVE-2025-60724MSRC AdvisoryNVDKBKB5068861