A critical vulnerability affecting older versions of Windows and Windows Server, identified as CVE-2025-33073, has been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities list.
Patch Availability and Dates
On 2025-10-20, CISA listed this flaw, though Microsoft had released a patch in June 2025. Systems updated with this Patch Tuesday release are secure. Those without the update should act promptly to install it.
Vulnerability Details
The flaw exploits improper access controls within the Server Message Block (SMB). This allows attackers to execute scripts that trick target machines into connecting back and authenticating. If exploited, attackers may gain system-level access.
- Known as CVE-2025-33073, it affects older Windows versions.
- CISA added it to its list on 2025-10-20.
- Microsoft released a patch in 2025-06.
- The bug involves SMB improper access controls.
- Exploits give attackers system-level access.
Security Recommendations
Microsoft's update is essential to blocking this vulnerability. Recommended actions include:
- Install the latest Microsoft updates immediately.
- Monitor for unusual SMB traffic.
- Limit SMB exposure to trusted networks.
- Utilize detection tools, such as those from Vicarius, to verify system status.
Microsoft credited researchers from CrowdStrike and Google's Project Zero for identifying the issue.
