Microsoft has released patches addressing 67 vulnerabilities, including 11 rated as Critical and 56 as Important, with a notable zero-day bug in WEBDAV (CVE-2025-33053) under active exploitation. This vulnerability, discovered by researchers from Check Point, allows remote code execution by tricking users into clicking on malicious URLs. The threat actor Stealth Falcon has reportedly exploited this flaw in attacks targeting defense entities in Turkey, linking it to espionage campaigns against countries such as Qatar and Saudi Arabia. This is the first zero-day disclosure related to the WebDAV standard.
The attack used a .url file that exploited a zero-day vulnerability (CVE-2025-33053) to execute malware from an actor-controlled WebDAV server.
CVE-2025-33053 allows remote code execution through manipulation of the working directory.
Collection
[
|
...
]