The vulnerability, named CVE-2025-62215, allows an attacker to escalate their privileges to the highest level after initially compromising the device. This step is necessary to carry out ransomware and cyber espionage attacks.
Microsoft indicated that users of supported versions or those receiving extended security updates of Windows 10 and 11 are most at risk.
The company also stressed the importance of installing the security update immediately, even if it is outside the usual update schedule, because the vulnerability is already being exploited. It confirmed that delaying the update poses a direct risk of turning the device into a complete target or a launchpad for attacks within the network.
In addition, Microsoft advised strengthening protection by using strong passwords, enabling two-factor authentication, and avoiding opening suspicious links and attachments. Organizations should also prioritize securing the most sensitive devices.
Microsoft emphasizes that this risk is real and not just an assumption, and that prompt handling of security updates is the first line of defense to prevent widespread attacks.
