Feds flag active exploitation of patched Windows SMB vuln

Uncle Sam's cyber wardens have warned that a high-severity flaw in Microsoft's Windows SMB client is now being actively exploited – months after it was patched. The bug, tracked as CVE-2025-33073, was added to CISA's Known Exploited Vulnerabilities (KEV) catalogue on October 20, confirming that real-world attackers are using …

  1. Mike007 Silver badge

    To preempt anyone thinking of posting something about port blocking... Modern SMB uses QUIC on UDP/443 (the same as HTTP/3, so not something a properly configured network should be blocking).

    I assume a vulnerability at the SMB layer should be just as exploitable using that transport as any other. (However, I believe QUIC support is only enabled by default in Windows 11?)

    1. Anonymous Coward

      really?

      The only internet-accessible Windows server (IIS) on my network doesn't have internet access. Are you saying that http.sys will gladly connect an inbound QUIC stream to a process other than IIS?

  2. JohnSheeran
    Trollface

    Weird. I thought DOGE got rid of CISA effectively.

    1. ecofeco Silver badge

      They tried. They honestly tried hard to end CISA. But a judge blocked them.

      It HAS been seriously hobbled, but it's not dead yet.

      1. JohnSheeran

        Not that I support the Corporate Downsizing DOGE efforts but there is always a general lack of transparency when it comes to government actions and impacts. Funding rarely tells the whole story of how departments like these are impacted. Even the funding model in the US government is not easily understood. So, as it was intended, I made a trolling joke.

  3. DarkwavePunk Silver badge

    SMB

    I'd actually forgotten that it existed. Probably not the same beast I remember from the stone age, but obviously just as "fun".
