CISA Flags Exploited Windows Task Host Flaw Elevating Privileges

April 15, 2026 at 09:29 PM

•

1 min read

CISA Flags Exploited Windows Task Host Flaw Elevating Privileges — Photo: BleepingComputer

TL;DR Summary

CISA has labeled CVE-2025-60710 a actively exploited Windows Task Host privilege-escalation flaw, urging all organizations to patch within two weeks under Binding Operational Directive 22-01. The link-following vulnerability affects Windows 11 and Windows Server 2025 and can be exploited by users with basic permissions to gain SYSTEM-level control; Microsoft patched the issue in November 2025, but Microsoft’s advisory has not yet confirmed active exploitation, so defenders should apply vendor mitigations or discontinue the affected component per CISA guidance.

Topics:technology #cisa #cve-2025-60710 #patch-management #privilege-escalation #security #windows-task-host

Share this article

CISA flags Windows Task Host vulnerability as exploited in attacks BleepingComputer
Ancient Excel bug comes out of retirement for active attacks theregister.com
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software The Hacker News
CISA Warns of Fortinet SQL Injection Vulnerability Actively Exploited in Attacks CyberSecurityNews
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities SecurityWeek

Reading Insights

Total Reads

Unique Readers

Time Saved

3 min

vs 4 min read

Condensed

88%

646 → 78 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights