Threat actors are actively exploiting a critical Windows Netlogon vulnerability, tracked as CVE-2026-41089, to gain remote code execution on domain controllers. Centre for Cybersecurity Belgium urges immediate patching as the flaw can let unauthenticated attackers run code with System privileges on affected Windows servers. #CVE-2026-41089 #WindowsNetlogon #CentreforCybersecurityBelgium #Microsoft
Keypoints
- CVE-2026-41089 is a critical Windows Netlogon flaw with a CVSS score of 9.8.
- The bug is a stack-based buffer overflow that can be triggered with crafted network requests.
- Unauthenticated attackers can target Windows servers acting as domain controllers.
- CCB says the vulnerability is being actively exploited in the wild.
- Organizations are urged to patch immediately to reduce the risk of System-level code execution.
Read More: https://www.securityweek.com/critical-windows-netlogon-vulnerability-in-attackers-crosshairs/