Microsoft Windows Server 2016
Moderate fix1 remedy
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*
Moderate fix1 remedy
Microsoft Windows Core Shell Spoofing Vulnerability
Vulnerability
A vulnerability in Windows Core Shell allows unauthorized attackers to perform spoofing over a network by externally controlling file names or paths. This issue affects multiple Windows versions, including Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022. The vulnerability arises from the handling of file names and paths, which can be manipulated to deceive users or systems.
Impact
Exploitation of this vulnerability could lead to unauthorized spoofing, allowing attackers to impersonate or mislead users or systems over the network.
Reproduction
Exploitation of this vulnerability requires user interaction, such as opening the parent folder in File Explorer, clicking on the file, dragging the file, or deleting the file. These actions can trigger the leakage of the NTLM hash, which is a part of the authentication process in Windows.
Remediation
Users can apply the security update provided by Microsoft to address this vulnerability. This security update is available through the Microsoft Update Catalog.
Added: Oct 14, 2025, 6:15 PM
Updated: Oct 14, 2025, 8:41 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
1.3exploitability
4.8remediation
7.7relevance
0.7threat
1.6urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.