Windows Remote Desktop Services Vulnerability

Source: Cyber Security News

Microsoft has reported a significant vulnerability in Windows Remote Desktop Services, tracked as CVE-2025-60703. The flaw, rated ‘Important’, allows local attackers to escalate privileges, potentially to SYSTEM-level access, by exploiting an untrusted pointer dereference. It particularly affects enterprise networks where insider threats are common, making it imperative for organizations to patch immediately.

The vulnerability impacts multiple Windows versions, including Windows 10 and 11, and Microsoft suggests that organizations using RDS for virtual desktop infrastructure prioritize deploying updates. Although exploitation is currently considered ‘Unlikely’, the potential consequences highlight the need for vigilance. To mitigate the risks associated with this flaw, organizations should apply least-privilege principles and monitor for unusual privilege escalations as part of their security practices. While no active exploits are reported, the issue is a reminder of the ongoing challenges in securing remote access protocols.
