Microsoft Issues Critical Security Update for CVE-2025-71143

Vulnerabilities Reporter

Microsoft has released a critical security update addressing CVE-2025-71143, a severe vulnerability affecting multiple Windows versions. The flaw allows remote code execution without authentication.

Microsoft has issued an urgent security update to address CVE-2025-71143, a critical vulnerability rated 9.8/10 on the CVSS scale. The flaw affects Windows 10 version 1809 through Windows 11 version 24H2, allowing unauthenticated remote attackers to execute arbitrary code on vulnerable systems.

The vulnerability exists in the Windows Remote Procedure Call (RPC) service, specifically in how it handles malformed requests. Attackers can exploit this remotely without requiring user interaction or authentication credentials. Microsoft reports the flaw is being actively exploited in the wild, making immediate patching essential.

Affected Products

  • Windows 10 version 1809 and later
  • Windows Server 2019 and later
  • Windows 11 version 21H2 through 24H2
  • Windows Server 2022 and later

Mitigation Steps

  1. Enable automatic updates or manually check for updates immediately
  2. Apply the May 2025 Patch Tuesday security updates
  3. For enterprise environments, deploy via WSUS or Microsoft Endpoint Manager
  4. Consider temporarily disabling affected services if immediate patching isn't possible

Microsoft has released KB5025239 containing the fix. The update addresses the memory corruption issue that could lead to remote code execution. Organizations should prioritize patching critical infrastructure and internet-facing systems first.
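One way to confirm the update is present across a set of hosts, shown as an added example that is not Microsoft's or this article's own code. The host names are constructed placeholders, and KB5025239 is the identifier given above.

```powershell
# Added example: report whether the update named in the article is installed.
param(
    # Constructed placeholder host names; replace with your own inventory.
    [string[]]$ComputerName = @('HOST-EXAMPLE-01', 'HOST-EXAMPLE-02'),
    # KB identifier as given in the article.
    [string]$KbId = 'KB5025239'
)

$report = foreach ($computer in $ComputerName) {
    $row = [ordered]@{
        ComputerName = $computer
        Status       = 'Unreachable'
        InstalledOn  = $null
        Detail       = ''
    }
    try {
        # Pull the full hotfix list and filter locally, so an absent KB yields
        # an empty result and only query failures land in the catch block.
        $fix = Get-HotFix -ComputerName $computer -ErrorAction Stop |
            Where-Object { $_.HotFixID -eq $KbId } |
            Select-Object -First 1

        if ($fix) {
            $row.Status      = 'Installed'
            $row.InstalledOn = $fix.InstalledOn
        }
        else {
            $row.Status = 'Missing'
        }
    }
    catch {
        # Host offline, access denied, or WMI blocked: patch state is unknown.
        $row.Detail = $_.Exception.Message
    }
    [pscustomobject]$row
}

# Unpatched and unknown hosts first, so they can be triaged before the rest.
$report |
    Sort-Object { $_.Status -eq 'Installed' }, ComputerName |
    Format-Table -AutoSize
```

`Get-HotFix -ComputerName` queries the remote host over WMI, so run it from an account with administrative rights on the targets.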

Timeline

  • Vulnerability discovered: April 15, 2025
  • Microsoft notified: April 16, 2025
  • Patch development: April 17-28, 2025
  • Public disclosure: May 13, 2025
  • Patch release: May 13, 2025

The company coordinated with CISA and other security agencies before public disclosure. No workarounds exist beyond applying the official patch. Systems running unsupported Windows versions remain vulnerable and should be upgraded immediately.

For additional technical details, visit the Microsoft Security Update Guide.
