Microsoft releases out-of-band update for Windows 11 RRAS vulnerabilities
Overview
Microsoft has released an out-of-band update to address three vulnerabilities in Windows 11's Routing and Remote Access Service (RRAS). The vulnerabilities, identified as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, could potentially allow remote code execution when users connect to a malicious server. This is a serious concern as it could enable attackers to execute harmful code on affected systems. Users of Windows 11 should ensure they apply the latest updates to protect their devices from these risks. The prompt release of this patch reflects the urgency in addressing vulnerabilities that can be exploited remotely, highlighting the need for users to stay vigilant about software updates.
Key Takeaways
- Affected Systems: Windows 11, Routing and Remote Access Service (RRAS)
- Action Required: Users should apply the latest updates provided by Microsoft to address the vulnerabilities.
- Timeline: Newly disclosed
Original Article Summary
The vulnerabilities, tracked as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, could allow remote code execution if a user connects to a malicious server.
Impact
Windows 11, Routing and Remote Access Service (RRAS)
Exploitation Status
No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.
Timeline
Newly disclosed
Remediation
Users should apply the latest updates provided by Microsoft to address the vulnerabilities. Specific patch numbers or versions were not mentioned, but keeping Windows 11 updated is essential.
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to Windows, CVE, Microsoft, and 2 more.