Threat Advisory

Windows Task Host Vulnerability Exposes Elevation Flaw

Threat: Vulnerability
Targeted Region: U.S.
Targeted Sector: Government & Defense, Technology & IT
Criticality: High
[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

CVE-2025-60710 with a CVSS score of TBD is a privilege escalation vulnerability affecting Windows 11 and Windows Server 2025 devices. Task Host is a core Windows system component that serves as a container for DLL-based processes, allowing them to operate in the background, and ensuring they close properly during shutdown to prevent data corruption. The vulnerability, stemming from a link following weakness, can be exploited by local attackers with basic user permissions via low-complexity attacks, enabling them to gain SYSTEM privileges and take full control of the compromised device. This allows an authorized attacker to elevate privileges locally, resulting in unauthorized access to sensitive system resources and data. The business impact and consequences of exploitation include potential data breaches, system compromise, and unauthorized access to sensitive information. To exploit this vulnerability, an attacker requires local access to the affected device.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

CVE-2025-60710 with a CVSS score of TBD is a privilege escalation vulnerability affecting Windows 11 and Windows Server 2025 devices. Task Host is a core Windows system component that serves as a container for DLL-based processes, allowing them to operate in the background, and ensuring they close properly during shutdown to prevent data corruption. The vulnerability, stemming from a link following weakness, can be exploited by local attackers with basic user permissions via low-complexity attacks, enabling them to gain SYSTEM privileges and take full control of the compromised device. This allows an authorized attacker to elevate privileges locally, resulting in unauthorized access to sensitive system resources and data. The business impact and consequences of exploitation include potential data breaches, system compromise, and unauthorized access to sensitive information. To exploit this vulnerability, an attacker requires local access to the affected device.[emaillocker id="1283"]

RECOMMENDATION:

We recommend you to update Windows to below version link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710

REFERENCES:

The following reports contain further technical details:
https://www.bleepingcomputer.com/news/security/cisa-flags-windows-task-host-vulnerability-as-exploited-in-attacks/

[/emaillocker]
crossmenu