Patch SMB Vulnerability to Protect Older Windows Systems

23 Oct 2025

A critical vulnerability affecting older versions of Windows and Windows Server, identified as CVE-2025-33073, has been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities list.

Patch Availability and Dates

On 2025-10-20, CISA listed this flaw, though Microsoft had released a patch in June 2025. Systems updated with this Patch Tuesday release are secure. Those without the update should act promptly to install it.

Vulnerability Details

The flaw exploits improper access controls within the Server Message Block (SMB). This allows attackers to execute scripts that trick target machines into connecting back and authenticating. If exploited, attackers may gain system-level access.

  • Known as CVE-2025-33073, it affects older Windows versions.
  • CISA added it to its list on 2025-10-20.
  • Microsoft released a patch in 2025-06.
  • The bug involves SMB improper access controls.
  • Exploits give attackers system-level access.

Security Recommendations

Microsoft's update is essential to blocking this vulnerability. Recommended actions include:

  • Install the latest Microsoft updates immediately.
  • Monitor for unusual SMB traffic.
  • Limit SMB exposure to trusted networks.
  • Utilize detection tools, such as those from Vicarius, to verify system status.

Microsoft credited researchers from CrowdStrike and Google's Project Zero for identifying the issue.

Comments (0)

Создание новых комментариев временно недоступно.

No comments yet. Be the first to comment!
Discover Microsoft Windows XP

Discover Microsoft Windows XP download for free to PC or mobile

Enhance your experience with essential tips, shortcuts, and curated resources.

3
661 reviews
3985 downloads