Primary

Context

Microsoft Windows Storage Spoofing Vulnerability

Vulnerability

A spoofing vulnerability has been identified in Windows Storage, allowing an authorized attacker to manipulate file names or paths over the network. This issue affects multiple Windows products, including Windows Server 2016, Windows 10 Version 1607, Windows 11 Version 24H2, and Windows Server 2022. The vulnerability arises from external control of file names or paths, which could be exploited to deceive users or systems.

Impact

Exploitation of this vulnerability could lead to spoofing, allowing an attacker to impersonate services or interfaces and potentially redirect network traffic.

Remediation

Users can apply the security updates KB5062560, KB5062561, KB5062553, or KB5062570, depending on their Windows version. These updates are available through the Microsoft Update Catalog.

Added: Jul 8, 2025, 6:14 PM

Updated: Jul 8, 2025, 6:14 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Windows Storage Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Windows Server 2016

Microsoft Windows 10

Microsoft Windows Server 2025

Microsoft Windows 11

Microsoft Windows Server 2022

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating