MC1180840 – An updated version of the October 2025 Scan Cab is available

Product:

Windows, Windows Server

Platform:

Online, World tenant

Status:

Change type:

Admin impact

Links:

Details:

IMPORTANT: This notice is only relevant for environments where:
Windows Server Update Services (WSUS) is used to deploy Windows security updates to Windows Server devices.
Scan Cab is used to check for update compliance.
The October 2025 Scan Cab was deployed before 8:54 PM PT on October 24, 2025.

An updated version of the October 2025 Scan Cab was made available at 8:54 am PT on October 24, 2025. This Scan Cab includes new metadata corresponding to new updates for the following versions of Windows Server:
* Windows Server 2025 (KB5070762; KB5070881)
* Windows Server, version 23H2 (KB5070879)
* Windows Server 2022 (KB5070884)
* Azure Automanage for Windows Server 2022 with Hotpatch (KB5070892)
* Windows Server 2019 (KB5070883)
* Windows Server 2016 (KB5070882)
* Windows Server 2012 R2 (KB5070886)
* Windows Server 2012 (KB5070887)

The new Microsoft updates for these Windows Server versions, released October 24, 2025, included additional protections to address CVE-2025-59 287. See the additional information section of this message for details.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-10-27

updated:
2025-10-27

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Increased Risk of Security Vulnerabilities
If the updated Scan Cab is not deployed, systems may remain vulnerable to CVE-2025-59287, leading to potential exploitation.
   - roles: IT Administrators, Security Analysts
   - references: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287, https://support.microsoft.com/topic/kb5070762-safe-os-dynamic-out-of-band-update-for-windows-11-version-24h2-and-25h2-and-windows-server-2025-october-20-2025-b92451e7-99c1-4ef8-ad12-b3f6bf381d8d

Compliance Issues
Failure to update the Scan Cab may result in non-compliance with security policies, affecting audits and regulatory requirements.
   - roles: Compliance Officers, IT Administrators
   - references: https://learn.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site, https://learn.microsoft.com/windows/release-health/windows-message-center#3668 " target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/windows/release-health/windows-message-center#3668

User Experience Degradation
Users may experience system instability or performance issues if security updates are not applied in a timely manner, leading to frustration and decreased productivity.
   - roles: End Users, IT Support Staff
   - references: https://learn.microsoft.com/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offline?tabs=vbscript, https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-a-smaller-wsus-scan-cab/ba-p/2928256?msclkid=256145ccd0c011ec9266b53af8d0aca1

Increased IT Support Load
Without proper deployment of the updated Scan Cab, IT support may face an influx of tickets related to update failures or system issues, straining resources.
   - roles: IT Support Staff, Help Desk Technicians
   - references: https://learn.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus, https://learn.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site " target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site

Potential Downtime
If the updated Scan Cab is not deployed, systems may require emergency updates later, leading to unplanned downtime and disruption of services.
   - roles: System Administrators, Network Engineers
   - references: https://learn.microsoft.com/windows/release-health/windows-message-center#3668, https://support.microsoft.com/topic/5070884

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Automated Compliance Checks
Implement automated tools that utilize the updated Scan Cab to perform compliance checks for Windows Server updates, reducing manual effort and ensuring timely updates across all servers.
   - next-steps: Evaluate and select compliance automation tools that integrate with WSUS and the updated Scan Cab. Train IT staff on the new processes.
   - roles: IT Administrators, Compliance Officers, System Administrators
   - references: https://learn.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site, https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-a-smaller-wsus-scan-cab/ba-p/2928256?msclkid=256145ccd0c011ec9266b53af8d0aca1

Enhanced Security Posture
Utilize the new metadata in the updated Scan Cab to improve the organization's security posture by addressing vulnerabilities, particularly CVE-2025-59287, across all Windows Server environments.
   - next-steps: Conduct a risk assessment to identify vulnerable systems, then prioritize and schedule updates based on the new Scan Cab metadata.
   - roles: Security Officers, IT Administrators, Risk Management Teams
   - references: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287, https://support.microsoft.com/topic/kb5070762-safe-os-dynamic-out-of-band-update-for-windows-11-version-24h2-and-25h2-and-windows-server-2025-october-20-2025-b92451e7-99c1-4ef8-ad12-b3f6bf381d8d

Documentation and Training Improvements
Update internal documentation and provide training sessions for IT staff on the implications of the new Scan Cab and the importance of timely updates, ensuring all team members are informed and prepared.
   - next-steps: Review current documentation, identify gaps related to the new Scan Cab, and develop a training schedule for IT staff.
   - roles: IT Administrators, Training Coordinators, Documentation Specialists
   - references: https://learn.microsoft.com/windows-server/administration/windows-server-update-services/get-started/windows-server-update-services-wsus, https://learn.microsoft.com/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offline?tabs=vbscript

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only