- CVE-2025-33073 causes Windows users to face SMB vulnerability
- Microsoft issued a fix in June 2025: Make sure you are up to date
- Google researchers were among those who discovered it.
Microsoft has acknowledged that older versions of Windows 10, Windows 11, and Windows Server could be exploited due to an SMB-related vulnerability.
The vulnerability, tracked as CVE-2025-33073 with a score of 8.8, was added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) list of known exploited vulnerabilities (KEV) on October 20.
Fortunately, Microsoft has already released a fix for this, so anyone who applied the June 2025 Patch Tuesday update should be safe, but those who haven’t should act promptly.
CISA says this Microsoft vulnerability has been exploited
The error comes from inadequate access controls in SMB (Server Message Block), which allows users and applications to access files or folders on remote systems as if they were local. For example, files and printers can be shared between computers.
“An attacker could execute a specially crafted malicious script to force the victim machine to reconnect to the attack system via SMB and authenticate,” CISA wrote.
Successful attacks grant system-level privileges.
Microsoft has not commented on the new exploit, however the company has already fixed the issue, so it is up to users to make sure they are up to date.
In addition to installing all updates (not just the June patch) to maintain maximum protection against bugs and vulnerabilities, users can monitor unusual outgoing SMB traffic in this case.
Restricting SME exposure to trusted networks would also minimize potential leaks.
Microsoft credited researchers from CrowdStrike, Google’s Project Zero and more for bringing the issue to light.
Cybersecurity company Vicarius has published a detection script to identify whether a user’s version of Windows is affected by the CVE, whether SMB signing is enabled, and to detail a solution.
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
The best antivirus for all budgets
