
"This is a bug that affects millions of systems worldwide and is still being exploited despite a patch from Microsoft. CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog. CISA thus confirms that malicious actors are actively exploiting the leak. The warning is part of a broader effort by the US government to encourage organizations to accelerate their patching policies and close critical security gaps before they lead to large-scale incidents."
"Among these vulnerabilities is the serious leak in the Microsoft Windows Server Message Block (SMB) client, registered as CVE-2025-33073, which is currently being actively exploited. CISA warns that this vulnerability, with a CVSS score of 8.8, poses a high risk to organizations that have not yet updated their systems. The vulnerability affects the client side of the SMB protocol, an essential component used for file sharing and network access in virtually all Windows environments, reports The Register."
"The flaw allows attackers to trick a Windows system into connecting to a malicious SMB server. Once that connection is established, the attack can be carried out remotely, giving the attacker elevated access privileges. According to CISA, the threat stems from the fact that many systems have still not been updated despite a patch released by Microsoft in June 2025."
CISA has warned of active exploitation of a Windows SMB client vulnerability, CVE-2025-33073, which carries a CVSS score of 8.8. The flaw is in the SMB client: it allows attackers to trick a Windows system into connecting to a malicious SMB server, after which the attack can be carried out remotely and gives the attacker elevated privileges. Microsoft released a patch in June 2025, but many systems remain unpatched. CISA added the flaw to its Known Exploited Vulnerabilities Catalog, alongside four other actively exploited bugs affecting Apple, Kentico Xperience, and Oracle products. The US government is urging organizations to accelerate patching to reduce exposure.
Read at Techzine Global