The Detectify security research team explores CVE-2025-59287, a critical remote code execution vulnerability in Microsoft Windows Server Update Services (WSUS), caused by unsafe deserialization of untrusted data. This flaw allows attackers to exploit unauthenticated endpoints to execute arbitrary code with SYSTEM privileges, posing significant risks by targeting core update management infrastructure within enterprises. The vulnerability has a CVSS score of 9.8 and has been actively exploited to deploy malicious payloads like infostealers and pre-ransomware, threatening sensitive data, especially in regulated environments. The presence of public proof-of-concept exploits exacerbates the threat landscape, making it crucial for enterprises to apply vendor patches promptly. Detectify assists its customers by running payload-based assessments to identify this vulnerability, emphasizing the importance of proactive security measures.