![\"CISA](\"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/02\/13\/Windows-headpic.jpg\")
<\/p>\n<\/p>\n
CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges.<\/p>\n
Task Host is a core Windows system component that serves as a container for DLL-based processes, allows them to operate in the background, and ensures they close properly during shutdown to prevent data corruption.<\/p>\n
Tracked as CVE-2025-60710<\/a>, this Windows security flaw stems from a link following<\/a> weakness affecting Windows 11 and Windows Server 2025 devices and was patched by Microsoft in November 2025<\/a>.<\/p>\n The vulnerability can be exploited by local attackers with basic user permissions via low-complexity attacks, enabling them to gain SYSTEM privileges and take full control of the compromised device.<\/p>\n “Improper link resolution before file access (‘link following’) in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally,” Microsoft explains.<\/p>\n On Monday, CISA added<\/a> CVE-2025-60710 to its catalog of actively exploited vulnerabilities<\/a> and gave Federal Civilian Executive Branch (FCEB) agencies two weeks to secure their systems, as mandated by the November 2021 Binding Operational Directive (BOD) 22-01.<\/p>\n CISA didn’t share any details regarding these attacks, and Microsoft has yet to update its security advisory<\/a> to confirm active exploitation.<\/p>\n Although BOD 22-01 applies only to U.S. federal agencies, CISA has urged all defenders (including those in the private sector) to deploy CVE-2025-60710 patches and secure their organizations’ networks as soon as possible.<\/p>\n “This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,” the U.S. cybersecurity agency warned.<\/p>\n “Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”<\/p>\n One week ago, CISA gave federal agencies four days<\/a> to secure their networks against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January.<\/p>\n Earlier this week, Microsoft also released security updates addressing 167 vulnerabilities, including 2 zero-day flaws, as part of its April 2026 Patch Tuesday<\/a>.<\/p>\n ![\"CISA](\"https:\/\/www.bleepstatic.com\/c\/a\/as-tour-the-platform-970-x250.jpg\")
<\/a> <\/div>\n