CISA warned U.S. federal agencies to secure systems against a Windows Task Host privilege escalation vulnerability that could allow local attackers to obtain SYSTEM privileges. Tracked as CVE-2025-60710 and patched by Microsoft in November 2025, the link-following flaw affects Windows 11 and Windows Server 2025 and prompted a two-week remediation order for FCEB agencies.
Key points
- CVE-2025-60710 is a link-following vulnerability in the Task Host component.
- Local attackers with basic user permissions can exploit it to elevate to SYSTEM privileges.
- The flaw affects Windows 11 and Windows Server 2025 and was patched by Microsoft in November 2025.
- CISA added the vulnerability to its actively exploited catalog and ordered FCEB agencies to remediate within two weeks under BOD 22-01.
- CISA urged all organizations to apply the patch or mitigations immediately to prevent full system compromise.
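The check below is an added example, not part of the original advisory summary. It reports whether a Windows host is in the affected scope (Windows 11 or Windows Server 2025) and whether a given cumulative update is installed, so an administrator can confirm remediation across a fleet. The KB identifier is a placeholder: the page does not name the November 2025 update, so look it up in Microsoft's advisory for CVE-2025-60710 before using it.

```powershell
# Added example (not from the original article): verify scope and patch status
# for CVE-2025-60710 on the local host.
# $PatchKb is a PLACEHOLDER; replace it with the KB number of the November 2025
# update listed in Microsoft's advisory for this CVE.
$PatchKb = 'KB0000000'

# Operating system caption and build, used to decide whether the host is in scope.
$os = Get-CimInstance -ClassName Win32_OperatingSystem
$inScope = $os.Caption -match 'Windows 11|Windows Server 2025'

# Get-HotFix lists installed updates by KB id; a match means the fix is present.
$installed = Get-HotFix | Where-Object { $_.HotFixID -eq $PatchKb }

# Emit one record per host; pipe to Export-Csv when collecting from many machines.
[pscustomobject]@{
    ComputerName   = $env:COMPUTERNAME
    OSCaption      = $os.Caption
    OSBuild        = $os.BuildNumber
    InScope        = $inScope
    PatchInstalled = [bool]$installed
    Action         = if ($inScope -and -not $installed) { 'Apply the November 2025 update' } else { 'No action required' }
}
```

Get-HotFix only reflects updates recorded in the local update database, so for a more reliable fleet-wide answer compare the OS build and update build revision reported by the host against the patched build numbers in Microsoft's advisory rather than relying on the KB match alone.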