Vulnerability
Bleeping Computer
9.8 — CRITICAL
Critical Windows Netlogon RCE flaw now exploited in attacks
The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks. [...]
🤖 AI Briefing: Auto-generated threat analysis
🔍Threat Overview
A recently patched Windows Netlogon vulnerability (CVE-2026-41089) is now being actively exploited in attacks, allowing attackers to gain remote code execution on targeted domain controllers without needing privileges.
⚙️Technical Details
💥Impact Assessment
Severity: Critical
Who Is at Risk
Admins of vulnerable Windows Server systems, including those running Microsoft Windows Server 2012, 2016, 2019, 2022, and 2022 23H2.
🛡️Recommended Actions
1. Immediately patch vulnerable servers with the latest security updates
2. Monitor system logs for suspicious activity and implement additional security controls
3. Implement network segmentation and isolation to limit lateral movement in case of compromise
📦Affected Products
Microsoft Windows Server 2012, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Windows Server 2022 23H2, Microsoft Windows Server 2025, Microsoft Windows 11 24H2, Microsoft Windows 11 25H2, Microsoft Windows 11 26H1, Microsoft Defender Antimalware Platform
🔐NVD Verified Data (VERIFIED)
CVE-2026-41089: CVSS 9.8 — CRITICAL
Attack Vector: NETWORK
Complexity: LOW
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses: CWE-121
Affected Products (CPE): Microsoft Windows Server 2012, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Windows Server 2022 23H2
CVE-2026-45585: CVSS 6.8 — MEDIUM
Attack Vector: PHYSICAL
Complexity: LOW
Vector String: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses: CWE-77
Affected Products (CPE): Microsoft Windows 11 24H2, Microsoft Windows 11 25H2, Microsoft Windows 11 26H1, Microsoft Windows Server 2025
CVE-2026-33825: CVSS 7.8 — HIGH
Attack Vector: LOCAL
Complexity: LOW
Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses: CWE-1220
Affected Products (CPE): Microsoft Defender Antimalware Platform
CVE-2026-41091: CVSS 7.8 — HIGH
Attack Vector: LOCAL
Complexity: LOW
Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses: CWE-59
Affected Products (CPE): Microsoft Malware Protection Engine
CVE-2026-45498: CVSS 7.5 — HIGH
Attack Vector: NETWORK
Complexity: LOW
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weaknesses: CWE-400
Affected Products (CPE): Microsoft Defender Antimalware Platform
This is a curated summary. The complete article is available at Bleeping Computer.
