Microsoft Fixes Wormable Remote Code Execution Flaw in Windows and Server
gbhackersMicrosoft has released critical security updates addressing a severe remote code execution vulnerability that could allow attackers to execute malicious code across networks without user interaction.
The vulnerability, tracked as CVE-2025-47981, affects Windows client machines running Windows 10 version 1607 and above, potentially exposing millions of systems to cyberattacks.
Critical Security Vulnerability Details
The SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability represents a significant threat to enterprise and consumer Windows environments.
This heap-based buffer overflow vulnerability allows unauthorized attackers to execute arbitrary code remotely over network connections, making it particularly dangerous for networked environments.
Attribute | Value |
CVE ID | CVE-2025-47981 |
Impact | Remote Code Execution |
Severity | Critical |
CVSS Score | 9.8 / 8.5 |
Security researchers have classified this vulnerability as wormable, meaning malicious code could potentially spread from one compromised system to another without human intervention.
The vulnerability received a critical CVSS score of 9.8 out of 10 ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE