The Centre for Cybersecurity Belgium warned that CVE-2026-41089, a critical Windows Netlogon flaw, is now being actively exploited in the wild and could enable remote code execution on vulnerable domain controllers. Microsoft had previously patched the issue in May 2026, and the advisory says all currently supported Windows Server versions, including Windows Server 2025, are affected. #CVE-2026-41089 #Windows #Netlogon #WindowsServer2025
Keypoints
- CCB warned that CVE-2026-41089 is being actively exploited in the wild.
- The flaw affects Windows Netlogon on supported Windows Server versions.
- Successful exploitation could lead to remote code execution on domain controllers.
- Microsoft patched the vulnerability during the May 2026 Patch Tuesday.
- Admins are urged to patch vulnerable servers immediately.