Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Windows RRAS management tool remote code execution flaws (multiple vulnerabilities)

Vulnerability
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

Windows 11 Enterprise devices using the Windows Routing and Remote Access Service (RRAS) management tool were affected by flaws that could enable remote code execution when a user connects to a malicious server. Microsoft addressed the vulnerabilities with KB5084597 and identified them as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111.

Related Happenings

Microsoft Windows Server 2016 domain controller discovery failure after KB5087537

Service Disruption
First: 26.05.2026 10:41 Last: 26.05.2026 10:41 Sources 1

About this happening: Microsoft confirmed a **known issue** in **Windows Server 2016** after **KB5087537** that can prevent **domain controller discovery**, disrupting administrative operations and app...

Open Happening

Microsoft Windows Autopatch fix for EU restricted driver update deployment bug

Security Tool/Service
First: 13.05.2026 17:36 Last: 13.05.2026 17:36 Sources 1

About this happening: **Microsoft** fixed a **Windows Autopatch** service bug that let **restricted driver updates** reach some managed devices in the **EU**, bypassing admin approval controls and crea...

Open Happening

Microsoft MDASH enters limited private preview for AI-driven vulnerability discovery at scale

Security Tool/Service
First: 13.05.2026 16:46 Last: 13.05.2026 16:46 Sources 1

About this happening: Microsoft's **MDASH** has entered **limited private preview**, adding a new **AI-driven vulnerability discovery** service that can validate and prove exploitable defects at scale....

Open Happening

Microsoft Defender false-positively flags DigiCert root certificates and removes some from Windows trust store

Security Tool/Service
First: 03.05.2026 21:11 Last: 03.05.2026 21:11 Sources 1

About this happening: **Microsoft Defender** began falsely flagging valid **DigiCert root certificates** as **Trojan:Win32/Cerdigent.A!dha**, creating widespread false positives and risking certificate...

Open Happening

Windows RPC PhantomRPC local privilege escalation flaw

Vulnerability
First: 28.04.2026 14:31 Last: 28.04.2026 14:31 Sources 1

About this happening: **PhantomRPC** in **Windows RPC** can let a local attacker elevate to **System** across **all Windows versions**, creating a high-impact privilege-escalation path. The flaw abuses...

Open Happening

Timeline

  1. 14.03.2026 23:48 1 articles · 2mo ago

    March 2026 Patch Tuesday fixes RRAS flaws

    Mitigation Patch Update

    Microsoft ships the March 2026 Windows security update on March 10, fixing CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111 in the Windows Routing and Remote Access Service (RRAS) management tool, where an authenticated domain attacker could trick a domain-joined user into sending a request to a malicious server via the RRAS Snap-in.

    Show sources
    Open in new tab
  2. 14.03.2026 23:48 2 articles · 2mo ago

    Microsoft reissues KB5084597 hotpatch

    Initial Disclosure

    Microsoft releases KB5084597 as an out-of-band hotpatch for Windows 11 Enterprise hotpatch devices, covering Windows 11 25H2, 24H2, and Windows 11 Enterprise LTSC 2024 and automatically serving eligible devices enrolled in Windows Autopatch without requiring a restart.

    Show sources
    Open in new tab