How to find Microsoft Windows Server Update Services (WSUS) installations on your network

Microsoft disclosed CVE-2025-59287, a critical (CVSS 9.8) remote code execution vulnerability in Windows Server Update Services (WSUS) due to unsafe deserialization; the flaw allows unauthenticated remote attackers to execute arbitrary code, is reported to be actively exploited in the wild, affects multiple Windows Server releases (2012 through 2025), and Microsoft released out-of-band fixes (October 23, 2025) with recommended upgrade versions and a runZero query to locate potentially impacted assets.