CVE-2025-26633
Microsoft Management Console Local Security Feature Bypass Vulnerability
Microsoft Management Console contains a vulnerability where an unauthorized attacker can locally bypass a security feature through improper neutralization. This weakness presents a potential security risk that could allow an attacker to circumvent existing security controls within the management environment.
| Vulnerable Product |
|---|
| microsoft windows 10 1507 |
| microsoft windows 10 1607 |
| microsoft windows 10 1809 |
| microsoft windows 10 21h2 |
| microsoft windows 10 22h2 |
| microsoft windows 11 22h2 |
| microsoft windows 11 23h2 |
| microsoft windows 11 24h2 |
| microsoft windows server 2008 - |
| microsoft windows server 2008 r2 |
| microsoft windows server 2012 - |
| microsoft windows server 2012 r2 |
| microsoft windows server 2016 - |
| microsoft windows server 2019 - |
| microsoft windows server 2022 |
| microsoft windows server 2022 23h2 |
| microsoft windows server 2025 |

EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher
By Bill Toulas, April 7, 2025 05:39 PM
EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. The reported vulnerabilities are CVE-2025-24061 (Mark of the Web bypass) and CVE-2025-24071 (File Explorer spoofing), which Microsoft addre...

EncryptHub linked to MMC zero-day attacks on Windows systems
By Sergiu Gatlan, March 25, 2025 12:51 PM
A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. Uncovered by Trend Micro staff researcher Aliakbar Zahravi, this security feature bypass (dubbed 'MSC EvilTwin' and now tracked as CVE-2025-26633) resides in how MSC files are handled on vulnerable devices. Attackers can leverage the vulnera...

Microsoft patches Windows Kernel zero-day exploited since 2023
By Sergiu Gatlan, March 12, 2025 10:30 AM
Slovak cybersecurity company ESET says a newly patched zero-day vulnerability in the Windows Win32 Kernel Subsystem has been exploited in attacks since March 2023. Fixed in Windows security updates released during this month's Patch Tuesday, the security flaw is now tracked as CVE-2025-24983 and was reported to Microsoft by ESET researcher Filip Jurčacko. The vulnerability is caused by a us...

Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws
By Lawrence Abrams, March 11, 2025 01:45 PM
Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. This Patch Tuesday also fixes six "Critical" vulnerabilities, all remote code execution vulnerabilities. The number of bugs in each vulnerability...

Microsoft tackles 50-plus security blunders, Adobe splats 3D bugs, and Apple deals with a doozy
Patch Tuesday Microsoft’s Patch Tuesday bundle has appeared, with a dirty dozen flaws competing for your urgent attention – six of them rated critical and another six already being exploited by criminals. Let’s start with the six already exploited vulnerabilities, three of which impact Windows NTFS. The first is CVE-2025-24993 - a heap-based buffer overflow in NTFS used by Windows Server 2008 and later systems, as well as Windows 10 and 11. The flaw makes remote code execution (RCE) a poss...