Microsoft warns of a critical security flaw affecting multiple Windows versions that enables remote code execution without authentication. Patches are available immediately.
Microsoft has issued an urgent security advisory for CVE-2025-68786, a critical vulnerability allowing unauthenticated attackers to execute arbitrary code on vulnerable Windows systems. The flaw affects Windows 10 versions 21H2 through 23H2, Windows 11 versions 22H2 and 23H2, and Windows Server 2022. Successful exploitation could grant attackers full system control.
Rated 9.8 (CRITICAL) on the CVSS v3.1 scale, the vulnerability resides in the Windows Remote Procedure Call (RPC) subsystem. Attackers can trigger the flaw by sending specially crafted network packets to exposed systems without user interaction. Microsoft confirmed active exploitation attempts in limited targeted attacks.
Affected users must apply patches immediately via Windows Update or the Microsoft Update Catalog. Organizations should prioritize systems exposed to untrusted networks. No viable workarounds exist; patching is the only mitigation. Microsoft recommends enabling network-level protections via Windows Defender Firewall.
Timeline:
- Vulnerability reported: April 12, 2025
- Patch released: May 14, 2025
- Public advisory: May 15, 2025
Technical details are available in Microsoft's Security Update Guide. System administrators should validate patch deployment using the Microsoft Security Compliance Toolkit.
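The advisory lists the affected Windows versions and tells administrators to verify that the patch has actually landed. The PowerShell script below is an added triage example, not Microsoft's tooling and not part of the advisory: it checks whether the local host falls inside the affected set stated above and whether a given update is installed. The KB number is a placeholder because the advisory does not state one; take the real value from the Security Update Guide. The build-number test for Windows 11 (22000 and above) and Windows Server 2022 (build 20348) are standard Windows facts, not values from the advisory.

```powershell
# Added example (not from the advisory): local triage for the CVE-2025-68786 affected set.
# Assumption: the affected versions are taken from the advisory text; the KB number is a
# placeholder because the advisory does not state it. Run in an elevated PowerShell session.

$PatchKB = 'KB0000000'   # PLACEHOLDER: replace with the KB listed in the Security Update Guide

# Affected client versions as listed in the advisory
# (Windows 10 21H2 through 23H2, Windows 11 22H2 and 23H2, Windows Server 2022).
$AffectedClient10 = @('21H2', '22H2', '23H2')
$AffectedClient11 = @('22H2', '23H2')
$Server2022Build  = 20348

$cv             = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build          = [int]$cv.CurrentBuild
$displayVersion = $cv.DisplayVersion
# Win32_OperatingSystem.ProductType: 1 = workstation, 2 = domain controller, 3 = server
$isServer       = (Get-CimInstance Win32_OperatingSystem).ProductType -ne 1

# ProductName still reads "Windows 10 ..." on Windows 11 hosts, so the build number
# (Windows 11 starts at 22000) is the reliable way to tell the two apart.
if ($isServer) {
    $affected = ($build -eq $Server2022Build)
} elseif ($build -ge 22000) {
    $affected = $AffectedClient11 -contains $displayVersion
} else {
    $affected = $AffectedClient10 -contains $displayVersion
}

# Get-HotFix returns nothing (and no error, with SilentlyContinue) when the KB is absent.
$patched = $null -ne (Get-HotFix -Id $PatchKB -ErrorAction SilentlyContinue)

$action = if ($affected -and -not $patched) { 'PATCH NOW' }
          elseif ($affected)                { 'Patched' }
          else                              { 'Not in affected set' }

[pscustomobject]@{
    ComputerName   = $env:COMPUTERNAME
    Build          = $build
    DisplayVersion = $displayVersion
    IsServer       = $isServer
    InAffectedSet  = $affected
    PatchInstalled = $patched
    Action         = $action
}
```

The script only reports on the host it runs on; to cover a fleet, run it through Invoke-Command against your computer list and sort the output by the Action column so that hosts marked "PATCH NOW" on untrusted-network segments are handled first, in line with the prioritisation the advisory calls for.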