Microsoft’s October 2025 Patch Tuesday fixes 183 flaws, including three exploited zero-days and two 9.9 CVSS bugs.

…“The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”…

  • Em Adespoton@lemmy.caEnglish
    15·
    7 hours ago

    People using that legacy hardware generally can’t run Windows 10, which just ended support this month. The patch is only for Windows 11, which won’t run on older hardware.

    • Snot Flickerman@lemmy.blahaj.zoneEnglish
      7·
      6 hours ago

      The patch is for Windows 10, Windows 11, and Server 2008 up to Server 2025.

      Further, there’s companies that make custom-built modern machines that support classic PCI and modern operating systems and classic operating systems.

      It’s conceivable that legacy systems are using modern OSes with virtualization running a legacy OS and legacy PCI cards, for example. It’s not beyond the realm of possibility.

      https://nixsys.com/legacy-computers/pci-slot-computers