CP
cyberpings
VulnerabilitiesCRITICAL

Critical RRAS RCE Vulnerabilities Patched in Windows 11

CSCyber Security News
CVE-2026-25172CVE-2026-25173CVE-2026-26111Windows 11RRAS
🎯

Basically, Microsoft fixed serious flaws in Windows 11 that could let hackers take control of your computer.

Quick Summary

Microsoft released a hotpatch for critical RRAS vulnerabilities in Windows 11. These flaws could allow hackers to execute code remotely. Users should ensure their systems are updated to protect against potential attacks.

The Flaw

On March 13, 2026, Microsoft released an urgent hotpatch? update for Windows 11, addressing three critical vulnerabilities in the Windows Routing and Remote Access Service (RRAS?). These vulnerabilities, tracked as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, pose significant risks, allowing attackers to execute malicious code remotely or disrupt service operations. The RRAS? tool is essential for managing remote connectivity and VPN services, making these flaws particularly concerning for both individual users and enterprises.

The vulnerabilities stem from the way RRAS? handles connections. An attacker could set up a rogue server and wait for a user to connect. Once connected, they could potentially execute arbitrary code on the victim's device. This scenario highlights the critical nature of the vulnerabilities, especially in enterprise environments where remote access is commonplace.

What's at Risk

The affected versions include Windows 11, specifically versions 24H2 and 25H2, with OS Builds 26200.7982 and 26100.7982. Both x64 and Arm64 architectures are impacted. The risk is particularly high for organizations that rely heavily on RRAS? for remote access management. If exploited, these vulnerabilities could lead to unauthorized access and control over sensitive systems, resulting in data breaches or service disruptions.

Given the potential for remote code execution?, the implications of these vulnerabilities extend beyond mere inconvenience. They could lead to significant operational and financial damage, especially for businesses that depend on secure remote connectivity.

Patch Status

The hotpatch? update, identified as KB5084597, is designed to be applied without requiring a device restart, minimizing downtime for users and organizations. This is particularly beneficial for enterprises managing large fleets of machines. The hotpatch? is only available for devices that support hotpatch?ing, which means not all Windows 11 users will receive this specific update automatically.

In addition to the hotpatch?, Microsoft has bundled the latest Servicing Stack Update (SSU)?KB5083532 — to ensure the update infrastructure remains current. Organizations are encouraged to verify that hotpatch? functionality is enabled across eligible endpoints to ensure they receive these critical updates promptly.

Immediate Actions

For users and administrators, it is crucial to prioritize the installation of this hotpatch?. Organizations that utilize RRAS? should confirm that the update is installed across all relevant devices. Regularly checking for updates and ensuring that hotpatch?ing is enabled can help mitigate the risks posed by these vulnerabilities.

In summary, the release of this hotpatch? underscores the importance of maintaining up-to-date security measures in an increasingly interconnected world. With cyber threats evolving rapidly, staying vigilant and proactive is essential to safeguarding sensitive information and infrastructure.

💡 Tap dotted terms for explanations

🔒 Pro insight: The rapid deployment of this hotpatch reflects the urgency of mitigating RCE risks in enterprise environments reliant on RRAS.

Original article from

Cyber Security News · Guru Baran

Read Full Article

Share

Related Pings

HIGHVulnerabilities

FortiGate Firewalls Targeted in High-Severity Exploit Wave

FortiGate firewalls are under attack as hackers exploit critical vulnerabilities. Organizations using these firewalls are at risk of credential theft and network breaches. Immediate patching and credential rotation are essential to mitigate these threats.

Cyber Security News·
HIGHVulnerabilities

March Patch Tuesday Fixes 84 Vulnerabilities Across 15 Products

Microsoft's March Patch Tuesday addressed 84 vulnerabilities across various products. Eight are critical, but none affect Windows directly. Stay updated to protect your systems from potential exploits.

Sophos News·
HIGHVulnerabilities

Microsoft Issues Urgent Hotpatch for Windows 11 RCE Vulnerability

Microsoft has released a critical hotpatch for Windows 11 to fix serious vulnerabilities. Affected devices include Windows 11 Enterprise systems. This update is crucial to prevent remote code execution that could compromise sensitive data.

BleepingComputer·
CRITICALVulnerabilities

Critical Vulnerability in HPE AOS-CX Allows Password Resets

The Flaw Hewlett Packard Enterprise (HPE) has reported a critical-severity vulnerability in its Aruba Networking AOS-CX switches, tracked as CVE-2026-23813. This vulnerability has a CVSS score of 9.8, indicating its severity. It allows attackers to reset administrator passwords remotely and without any authentication, effectively bypassing existing security measures. This flaw affects various models, including the CX 4100i, CX 6000,

SecurityWeek·
HIGHVulnerabilities

Critical LangSmith Vulnerability Exposes Users to Account Takeover

A critical vulnerability in LangSmith could allow hackers to take over user accounts. This flaw affects users who rely on LangSmith for AI data monitoring. Immediate action is required to ensure security and protect sensitive information.

Cyber Security News·
HIGHVulnerabilities

Windows 11 Bug Locks Users Out of System Drive C

A critical bug in Windows 11 is locking users out of their system drives. Affected Samsung devices are unable to access essential applications. Microsoft is investigating the issue and advises users to wait for a patch.

Cyber Security News·