CISA Warns of Windows Privilege Escalation Flaw Affecting Windows 11 and Server 2025

The flaw grants attackers SYSTEM-level privileges with minimal effort


CISA has issued a new alert about a Windows privilege escalation vulnerability, shortly after raising concerns over SharePoint flaws. The newly highlighted issue targets core Windows components and could allow attackers to gain full system control with minimal effort.

Vulnerability details and impact

The flaw, tracked as CVE-2025-60710, affects the Windows Task Host component and stems from improper link resolution before file access. In this class of vulnerability (link following), a privileged component resolves a file path or symbolic link without verifying where it actually points, so an attacker who controls the link can redirect the privileged operation to a file of their choosing.

Security researchers note that the issue enables local attackers with basic access to escalate privileges to the SYSTEM level. That effectively grants full control over the affected device, including access to sensitive data and critical system functions.

The attack complexity remains low, making it particularly dangerous in enterprise environments where attackers often start with limited access. Once exploited, the vulnerability can lead to complete system compromise.

Patch status and CISA directive

Microsoft addressed the issue in its November 2025 security updates, but concerns remain due to its inclusion in CISA’s Known Exploited Vulnerabilities catalog. This designation signals a high risk, even though Microsoft has not publicly confirmed active exploitation.

CISA has instructed federal agencies to secure affected systems within two weeks. The agency also strongly recommends that private organizations follow the same timeline to reduce exposure.

Recommended mitigation steps

Organizations should take immediate action to minimize risk:

  • Apply the latest Windows security updates without delay
  • Follow Microsoft’s official mitigation guidance
  • Review and secure any connected cloud environments
  • Discontinue use of vulnerable systems if patches cannot be applied

Experts emphasize that link-following vulnerabilities remain a common attack vector, especially in targeted intrusions.

Ongoing Windows security concerns

This warning comes as Microsoft continues to address broader security challenges. Recent Patch Tuesday updates resolved 167 vulnerabilities and introduced improved protections for Remote Desktop Protocol (RDP).

At the same time, updates KB5083769 and KB5082052 have triggered unexpected BitLocker recovery prompts on some systems, with Microsoft currently investigating the issue.

Via Bleeping Computer
