Hello! If you work on a Windows computer or server, you should be aware of this. CISA, the U.S. Cybersecurity and Infrastructure Security Agency has warned that hackers are actively exploiting a serious Windows SMB flaw to attack systems.
The bug identified as CVE-2025-33073 affects Windows 10, Windows 11, and Windows Server.
Microsoft patched this bug in June of 2025, but the challenge is that many folks haven't updated, and hackers are taking advantage of this. As a matter of fact, CISA has added it to their list of Known Exploited Vulnerabilities - meaning it is already being exploited in real attacks.
If your PC ever connects to a hacker's server which could happen just by clicking a bad link, they can then exploit this bug.
This bug gives hackers the ability to:
• Have full access to your system (SYSTEM-level access)
• Move laterally through your network hitting more devices
• Launch ransomware or steal files after entering your network
Scary, isn't it?
• Install the June 2025 Windows updates now. That's the fix.
• If you can, block SMB connections (TCP 445) from your computer to the internet.
• Enable SMB signing to ensure your file-sharing connections are trustworthy.
• Monitor your log files for strange SMB log activity — it'll give you an indicator that someone is trying to break in.
If you manage or have the responsibility for multiple Windows systems, take this very seriously. Hackers are already using it, and the sooner you patch, the more secure you will be.
I realize updates can be hard to get around to (we've all been there), but this one is worth pausing your day and doing it now. After you patch, you will feel good about your systems protecting against one more malicious exploit.
What Is Happening?
There is a serious vulnerability in Windows SMB (Server Message Block), the part of Windows that supports file sharing.The bug identified as CVE-2025-33073 affects Windows 10, Windows 11, and Windows Server.
Here Is Why That Matters
Hackers can trick your computer into connecting to a fake SMB server. Once the computer is connected, hackers now have complete control to execute programs, stealing files, and/or spreading malware.Microsoft patched this bug in June of 2025, but the challenge is that many folks haven't updated, and hackers are taking advantage of this. As a matter of fact, CISA has added it to their list of Known Exploited Vulnerabilities - meaning it is already being exploited in real attacks.
Why Do You Care
Maybe you're thinking, "I don't use SMB that much so I am fine," and that simply isn't true. SMB runs in the background on virtually every Windows based computer.If your PC ever connects to a hacker's server which could happen just by clicking a bad link, they can then exploit this bug.
This bug gives hackers the ability to:
• Have full access to your system (SYSTEM-level access)
• Move laterally through your network hitting more devices
• Launch ransomware or steal files after entering your network
Scary, isn't it?
What You Can Do
Don't panic! Just take a few rational and reasonable steps:• Install the June 2025 Windows updates now. That's the fix.
• If you can, block SMB connections (TCP 445) from your computer to the internet.
• Enable SMB signing to ensure your file-sharing connections are trustworthy.
• Monitor your log files for strange SMB log activity — it'll give you an indicator that someone is trying to break in.
If you manage or have the responsibility for multiple Windows systems, take this very seriously. Hackers are already using it, and the sooner you patch, the more secure you will be.
Final Considerations
This is that little bug which sounds limited but will cause havoc. The attackers are clearly already taking advantage, and a fix is available - update your systems now.I realize updates can be hard to get around to (we've all been there), but this one is worth pausing your day and doing it now. After you patch, you will feel good about your systems protecting against one more malicious exploit.
