Ethical Hacking News
Microsoft has released an out-of-band (OOB) hotpatch update to fix a critical security vulnerability in the Windows Routing and Remote Access Service (RRAS) management tool. The hotpatch addresses vulnerabilities that could allow remote code execution when connecting to a malicious server, primarily affecting Windows 11 Enterprise devices that rely on hotpatch updates.
Microsoft has released an out-of-band (OOB) hotpatch update, KB5084597, to fix a critical security vulnerability in the Windows Routing and Remote Access Service (RRAS) management tool. The hotpatch addresses vulnerabilities in Windows 11 Enterprise devices that rely on hotpatch updates instead of regular Patch Tuesday cumulative updates. The vulnerabilities, tracked as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, allow remote code execution when connecting to a malicious server via the RRAS Snap-in. The hotpatch will only be offered to devices enrolled in the hotpatch update program and managed through Windows Autopatch, ensuring minimal downtime for mission-critical applications.
Microsoft has issued an out-of-band (OOB) hotpatch update to fix a critical security vulnerability in the Windows Routing and Remote Access Service (RRAS) management tool, which could allow remote code execution when connecting to a malicious server. The hotpatch, designated as KB5084597, was released on March 13, 2026, to address vulnerabilities in Windows 11 Enterprise devices that rely on hotpatch updates instead of the regular Patch Tuesday cumulative updates.
The vulnerabilities, tracked as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, were previously patched as part of the March 2026 Windows security update released on March 10. However, Microsoft has now issued a hotpatch to provide additional protection for devices that are used for mission-critical applications and services that cannot be easily rebooted.
According to an advisory from Microsoft, the RRAS management tool is susceptible to remote code execution when a domain-joined user is tricked into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. The vulnerability can be exploited by an attacker who has authenticated on the domain.
The hotpatch update, which includes all fixes and improvements from the March 2026 Windows security update, will only be offered to devices enrolled in the hotpatch update program and managed through Windows Autopatch. This ensures that critical updates are applied to affected devices without requiring a restart, thereby minimizing downtime for mission-critical applications.
It is worth noting that Microsoft had previously released hotfixes for these vulnerabilities, but re-released them as part of this new hotpatch to provide comprehensive coverage across all affected scenarios. The company's proactive approach to addressing this vulnerability highlights the importance of keeping Windows 11 Enterprise devices up-to-date with the latest security patches.
As the threat landscape continues to evolve, it is essential for organizations to prioritize the security and integrity of their IT infrastructure. This includes implementing a robust update management process that ensures all critical updates are applied in a timely manner, without disrupting business operations.
In conclusion, Microsoft's release of the Windows 11 OOB hotpatch addresses a critical vulnerability in the RRAS management tool, which could allow remote code execution when connecting to a malicious server. By offering this hotpatch, Microsoft provides organizations with an additional layer of protection against potential security threats, ensuring that their Windows 11 Enterprise devices are better equipped to handle complex and dynamic threat environments.
Related Information:
https://www.ethicalhackingnews.com/articles/Microsoft-Urges-Windows-11-Enterprise-Devices-to-Update-to-Patch-Against-Critical-RRAS-Vulnerability-ehn.shtml
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-11-oob-hotpatch-to-fix-rras-rce-flaw/
https://nvd.nist.gov/vuln/detail/CVE-2026-25172
https://www.cvedetails.com/cve/CVE-2026-25172/
https://nvd.nist.gov/vuln/detail/CVE-2026-25173
https://www.cvedetails.com/cve/CVE-2026-25173/
https://nvd.nist.gov/vuln/detail/CVE-2026-26111
https://www.cvedetails.com/cve/CVE-2026-26111/
Published: Sat Mar 14 17:25:53 2026 by llama3.2 3B Q4_K_M