Date: 2025-10-22
CISA warns high-severity Windows SMB flaw now exploited in attacks, so update now
Watch out for this SMB vulnerability, Windows users told
- CVE-2025-33073 sees Windows users face an SMB vulnerability
- Microsoft issued a fix in June 2025 – make sure you’re up to date
- Google’s researchers were among those who discovered it
Microsoft has acknowledged older versions of Windows 10, Windows 11 and Windows Server could be exploited due to a vulnerability related to SMB.
The vulnerability, tracked as CVE-2025-33073 with a score of 8.8, was added to America’s Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) list on October 20.
Thankfully, Microsoft has already issued a fix for this, so anybody who applied June 2025’s Patch Tuesday update should be safe, but those who haven’t should act promptly.
CISA says this Microsoft vulnerability has been exploited
The bug comes from improper access controls in SMB (Server Message Block), which allows users and applications to access files or folders on remote systems as if they were local. For example, files and printers can be shared between computers.
“An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate,” CISA wrote.
Successful attacks could grant system-level privileges.
Microsoft has not commented on the news of exploitation; however, the company has already fixed the issue, so it’s on users to ensure that they’re updated.
Besides installing all updates – not just the June patch – to maintain maximum protection against bugs and vulnerabilities, users can monitor for unusual outbound SMB traffic in this instance.
Restricting SMB exposure to just trusted networks would also minimize potential leaks.
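The outbound SMB monitoring suggested above, as an added example (not code from the article, Microsoft, CISA or Vicarius): it flags hosts that open SMB connections to destinations outside the networks where file servers are expected. The flow-record format, the addresses and the trusted-network list are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumption: networks where legitimate SMB servers live (constructed values).
TRUSTED_SMB_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "10.20.1.0/24")]
SMB_PORTS = {445, 139}

# Constructed flow records: "timestamp src_ip dst_ip dst_port proto"
SAMPLE_FLOWS = """\
2025-10-21T09:00:01Z 10.20.5.17 10.20.0.10 445 tcp
2025-10-21T09:00:04Z 10.20.5.17 203.0.113.50 445 tcp
2025-10-21T09:01:10Z 10.20.5.22 10.20.1.8 445 tcp
2025-10-21T09:02:30Z 10.20.5.22 10.20.5.99 445 tcp
2025-10-21T09:02:31Z 10.20.5.22 198.51.100.7 443 tcp
not a flow record
2025-10-21T09:03:00Z 10.20.5.17 203.0.113.50 445 tcp
"""

def is_trusted(dst_ip):
    """True when the destination sits in a network expected to serve SMB."""
    return any(dst_ip in net for net in TRUSTED_SMB_NETS)

def unusual_smb(flow_text):
    """Return {src_ip: {dst_ip: count}} for SMB flows to untrusted destinations."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records instead of failing the whole run
        _, src, dst, port, proto = parts
        try:
            dst_ip = ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:
            continue
        if proto != "tcp" or port not in SMB_PORTS:
            continue
        if not is_trusted(dst_ip):
            hits[src][dst] += 1
    return {src: dict(dsts) for src, dsts in hits.items()}

if __name__ == "__main__":
    for src, dsts in unusual_smb(SAMPLE_FLOWS).items():
        for dst, count in dsts.items():
            print(f"{src} -> {dst} SMB x{count}: destination is not a known file server")
```

Workstation-to-workstation SMB (the `10.20.5.99` record) is flagged as well as traffic leaving the network, since neither destination is an expected file server.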
Microsoft credited researchers from CrowdStrike, Google’s Project Zero and more for bringing the issue to light.
Cybersecurity company Vicarius has published a detection script to identify whether a user’s Windows version is affected by the CVE, if SMB signing is enabled, and to detail a fix.
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!