Microsoft has released critical October 2025 Patch Tuesday updates KB5066835, KB5066793, and KB5066791, addressing 172 vulnerabilities including six zero-day flaws—three of which were actively exploited in the wild. The updates mark a historic moment as KB5066791 delivers the final free security patch for Windows 10 after a decade of service.
Critical Zero-Days Patched Across All Updates
The KB5066835, KB5066793, and KB5066791 updates collectively patch three actively exploited zero-days that pose immediate threats. CVE-2025-24990 and CVE-2025-24052 target the Windows Agere Modem driver, allowing attackers to gain administrative privileges even when the modem isn't actively used. All three updates remove the vulnerable ltmdm64.sys driver, which will disable dependent Fax modem hardware.
The most critical flaw, CVE-2025-59230, affects Windows Remote Access Connection Manager and was exploited to gain SYSTEM privileges—the highest level of access in Windows. Microsoft's Threat Intelligence Center and Security Response Center discovered this vulnerability, suggesting it was used in targeted attacks.
"Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally," Microsoft explains in the KB5066835 and KB5066793 changelogs.
Windows 11 Gets KB5066835 and KB5066793
Windows 11 users receive updates through two separate packages. KB5066835 targets versions 25H2 and 24H2, bringing builds to 26200.6899 and 26100.6899 respectively. Meanwhile, KB5066793 updates versions 23H2 and 22H2 to builds 22631.6060 and 22621.6060.
Both updates fix critical issues including PowerShell Remoting timeouts, Windows Hello face recognition setup failures, and Chromium browser print preview problems. A known issue affects certain Digital TV and Blu-ray apps using DRM-protected content, with partial resolution available in later updates.
KB5066791 represents the final free security update for Windows 10 versions 20H2, 21H2, and 22H2, bringing builds to 19044.6456 and 19045.6456. The update includes fixes for Chinese Input Method Editor issues and WinRM command timeouts, along with all critical zero-day patches.
Windows 10 users now face three options: upgrade to Windows 11 if hardware supports it, purchase new compatible devices, or enroll in Extended Security Updates (ESU)—offering consumers one additional year of protection and enterprises up to three years.
Hardware-Level Vulnerabilities in All Updates
KB5066835, KB5066793, and KB5066791 also address two publicly disclosed hardware vulnerabilities. CVE-2025-0033 affects AMD EPYC processors using Secure Encrypted Virtualization, where race conditions could allow memory manipulation. CVE-2025-2884 patches a TPM 2.0 vulnerability causing information disclosure or denial of service.
Immediate Action Required: Install KB5066835, KB5066793, or KB5066791 immediately through Windows Update based on your Windows version. Organizations using Azure AMD processors should monitor Service Health Alerts for additional patches.