嗯,用户让我用中文总结一篇文章,控制在一百个字以内,而且不需要特定的开头。首先,我需要仔细阅读这篇文章,抓住主要信息。 文章讲的是CISA警告美国政府机构防范Windows Task Host的一个权限提升漏洞,编号CVE-2025-60710。这个漏洞可以让攻击者获得SYSTEM权限,影响Windows 11和Windows Server 2025。微软已经在2025年11月修补了这个漏洞。 接下来,用户要求总结在一百字以内。我需要提取关键点:CISA警告、漏洞名称、影响系统、攻击者权限提升、微软修补时间。然后把这些信息简洁地组合起来。 还要注意语言要通顺,避免使用专业术语过多,让读者容易理解。最后检查字数,确保不超过限制。 </think> CISA警告美国政府机构防范Windows Task Host权限提升漏洞CVE-2025-60710,该漏洞可使攻击者获得SYSTEM权限并控制设备。微软已修复此漏洞,CISA要求机构在两周内完成系统加固以应对潜在威胁。 2026-4-15 15:1:46 Author: www.bleepingcomputer.com(查看原文) 阅读量:8 收藏
CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges.
Task Host is a core Windows system component that serves as a container for DLL-based processes, allows them to operate in the background, and ensures they close properly during shutdown to prevent data corruption.
Tracked as CVE-2025-60710, this Windows security flaw stems from a link following weakness affecting Windows 11 and Windows Server 2025 devices and was patched by Microsoft in November 2025.
The vulnerability can be exploited by local attackers with basic user permissions via low-complexity attacks, enabling them to gain SYSTEM privileges and take full control of the compromised device.
"Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally," Microsoft explains.
On Monday, CISA added CVE-2025-60710 to its catalog of actively exploited vulnerabilities and gave Federal Civilian Executive Branch (FCEB) agencies two weeks to secure their systems, as mandated by the November 2021 Binding Operational Directive (BOD) 22-01.
CISA didn't share any details regarding these attacks, and Microsoft has yet to update its security advisory to confirm active exploitation.
Although BOD 22-01 applies only to U.S. federal agencies, CISA has urged all defenders (including those in the private sector) to deploy CVE-2025-60710 patches and secure their organizations' networks as soon as possible.
"This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise," the U.S. cybersecurity agency warned.
"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."
One week ago, CISA gave federal agencies four days to secure their networks against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January.
Earlier this week, Microsoft also released security updates addressing 167 vulnerabilities, including 2 zero-day flaws, as part of its April 2026 Patch Tuesday.
Automated Pentesting Covers Only 1 of 6 Surfaces.
Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.
This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.
如有侵权请联系:admin#unsafe.sh