Positive Technologies helps strengthen security of Windows PCs and servers

Microsoft has released updates for several products to fix a vulnerability discovered by Marat Gayanov of the Positive Technologies Expert Security Center (PT ESC). Exploitation of this issue can crash affected system and disrupt operations. Up to 96% of Windows PC users and organizations running Microsoft Server solutions were potentially affected. Microsoft was notified under the responsible disclosure and has released a security update.

The vulnerability, tracked as CVE-2025-53141, carries a CVSS 3.1 score of 7.8 out of 10 and affects Windows 10, Windows 11, and Windows Server 2025. To resolve this issue, users should promptly update any affected operating systems to the versions recommended by the vendor. The complete list of recommended versions is available in the official security advisory.

Windows desktop operating systems hold 70% of the global market. As of May 2025, Windows 10 accounted for 53% and Windows 11 for 43% of Microsoft's user base. Windows Server is the second most popular server OS worldwide, according to Fortune Business Insights. Positive Technologies threat intelligence also identified more than 1.5 million vulnerable, remotely accessible Windows 11 devices as of June 2025, with the largest shares in the United States (27%), China (14%), Japan (8%), Germany and South Korea (4% each).

In July, Gayanov helped resolve CVE-2025-49686, another Windows driver vulnerability affecting 17 operating systems. That same month, patches for CVE-2025-49689 were released. Sergey Tarasov, Head of the PT ESC Vulnerability Analysis Team, discovered and helped fix that flaw. Positive Technologies has collaborated with Microsoft since 2012. Over the past two years, its security researchers have helped fix three previously unknown vulnerabilities in Microsoft products.

For stronger malicious activity detection, deploy a robust vulnerability management solution, such as MaxPatrol VM.