- CVE-2025-33073 sees Windows users facing an SMB vulnerability
- Microsoft issued a patch in June 2025 – make sure you’re up to date
- Google researchers were among those who discovered it
Microsoft has acknowledged that older versions of Windows 10, Windows 11 and Windows Server can be exploited due to a vulnerability related to SMB.
The vulnerability, tracked as CVE-2025-33073 with a score of 8.8, was added to America’s Cybersecurity and Infrastructure Security Agency (CISA) list of Known Exploited Vulnerabilities (KEV) on October 20.
Fortunately, Microsoft has already issued a fix for this, so anyone who has applied the June 2025 Patch Tuesday update should be safe, but those who haven’t should act immediately.
CISA says this Microsoft vulnerability has been exploited
The bug comes from incorrect access control in SMB (Server Message Block), which allows users and applications to access files or folders on remote systems as if they were local. Files and printers can e.g. shared between computers.
“An attacker could execute a specially crafted malicious script to force the victim machine to connect back to the attack system using SMB and authenticate,” CISA wrote.
Successful attacks cold grant system-level privileges.
Microsoft hasn’t commented on the new exploit, but the company has already fixed the issue, so it’s up to users to make sure they’re up to date.
In addition to installing all updates—not just the June patch—to maintain maximum protection against bugs and vulnerabilities, users can monitor for unusual outgoing SMB traffic in this case.
Limiting SMB exposure to only trusted networks would also minimize potential leaks.
Microsoft credited researchers from CrowdStrike, Google’s Project Zero and more for bringing the issue to light.
Cybersecurity firm Vicarius has released a detection script to identify whether a user’s version of Windows is affected by the CVE if SMB signing is enabled and to detail a fix.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
The best antivirus for all budgets
