The US CISA warns of active exploitation of a Windows vulnerability that can affect both Windows 11 and Windows Server. A patch has been available since June.
In June, Microsoft reported a vulnerability (CVE-2025-33073) that allows attackers to exploit the SMB protocol (Server Message Block) to gain elevated access rights. The vulnerability could affect various Windows versions, from Windows 11 to Windows 10 and Windows Server. Microsoft rolled out a patch in the middle of the month.
In an ideal world, this vulnerability should be a thing of the past, but patches are not always installed immediately. CISA, the US federal agency for cybersecurity, has placed the vulnerability on a
Elevated Privileges
This should serve as a wake-up call not just for American companies, but for companies worldwide to update Windows. The vulnerability can give intruders elevated privileges and thus free access to your business environment.
“The attacker can persuade a victim to connect to an attacker-controlled malicious application, such as an SMB server. Once the connection is established, the malicious server can compromise the protocol,” Microsoft described the vulnerability in June.
“To exploit this vulnerability, an attacker can execute a specially crafted malicious script to force the victim’s computer to connect to the attack system via SMB and log in. This can lead to an elevation of privileges,” the description continues.
read also
Windows 10 Reaches End of Support: What Now?
Patches are available for supported Windows 11 and Windows Server versions. Windows 10 should have also received a patch at the time. To ensure that Windows 10 stays up-to-date with security updates, it is advisable to register for extended support.