
Free unofficial patches are available for a new Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service.
RasMan is a critical Windows system service that starts automatically, runs in the background with SYSTEM-level privileges, and manages VPN, Point-to-Point Protocol over Ethernet (PPPoE), and other remote network connections.
ACROS Security (which manages the 0patch micropatching platform) discovered a new denial-of-service (DoS) flaw while looking into CVE-2025-59230, a Windows RasMan privilege escalation vulnerability exploited in attacks that was patched in October.
The DoS zero-day has not been assigned a CVE ID and remains unpatched across all Windows versions, including Windows 7 through Windows 11 and Windows Server 2008 R2 through Server 2025.
As the researchers found, when combined with CVE-2025-59230 (or similar elevation-of-privilege flaws), it allows attackers to execute code by impersonating the RasMan service. However, that attack only works when RasMan is not running.
The new flaw provides the missing puzzle piece, enabling threat actors to crash the service at will and opening the door to privilege escalation attacks that Microsoft thought it had closed.
Unprivileged users can exploit the zero-day to crash the RasMan service because of a coding error in how it processes circular linked lists. When the service encounters a null pointer while traversing a list, it attempts to read memory from that pointer rather than exiting the loop, causing a crash.
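The bug class described above, shown as an added illustration in C that is not RasMan's code or the 0patch fix: a hypothetical circular connection list is walked once without a null check (the pattern that reads through the pointer and crashes the process) and once with a check that exits the loop instead, using a constructed ring so both walks can be exercised.

```c
#include <stdlib.h>
/* Hypothetical connection-entry node (not RasMan's real structure): the list
 * is circular, so the last node's next points back to the head. */
typedef struct entry { int id; struct entry *next; } entry_t;

/* Pattern the article describes: the walk assumes the ring is intact and never
 * checks for NULL, so a severed link makes it read through a NULL pointer. */
int count_entries_unchecked(entry_t *head) {
    int n = 0;
    entry_t *cur = head;
    do {
        n++;
        cur = cur->next;   /* may now be NULL; the loop reads it anyway */
    } while (cur != head);
    return n;
}

/* Hardened walk: a NULL link ends the loop with -1 instead of a NULL read,
 * and max_nodes turns a ring that never closes into -2 rather than a hang. */
int count_entries_checked(entry_t *head, int max_nodes) {
    if (head == NULL) return -1;
    int n = 0;
    entry_t *cur = head;
    do {
        if (n++ >= max_nodes) return -2;
        cur = cur->next;
        if (cur == NULL) return -1;
    } while (cur != head);
    return n;
}

/* Constructed input: a ring of 'count' nodes (ids 0..count-1), or NULL. */
entry_t *make_ring(int count) {
    entry_t *nodes = count > 0 ? calloc((size_t)count, sizeof *nodes) : NULL;
    for (int i = 0; nodes && i < count; i++) {
        nodes[i].id = i;
        nodes[i].next = &nodes[(i + 1) % count];
    }
    return nodes;
}

/* Builds a ring, optionally severs its last link (the corrupt state), runs the checked walk, frees the nodes and returns the result. */
int checked_walk(int count, int sever_last_link) {
    entry_t *ring = make_ring(count);
    if (!ring) return -1;
    if (sever_last_link) ring[count - 1].next = NULL;
    int r = count_entries_checked(ring, 2 * count);
    free(ring);
    return r;
}
```

Calling count_entries_unchecked on a severed ring reproduces the crash, which is why only the checked walk is exercised on corrupt input.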
“We’re aware of the denial-of-service issue as reported and will address this in a future fix,” a Microsoft spokesperson told BleepingComputer when asked for more details. “Customers who have applied the October patches for CVE-2025-59230 are protected against exploitation of the issue for Elevation of Privilege (EoP).”
ACROS Security now provides free, unofficial security patches for this Windows RasMan zero-day via its 0Patch micropatching service for all affected Windows versions until Microsoft releases an official fix.
To install the micropatch on your system, you have to create an account and install the 0Patch agent. Once launched, the agent will automatically apply the micropatch without requiring a restart unless a custom patching policy blocks it.
“We alerted Microsoft about this issue; they’ll likely provide an official patch for still-supported Windows versions in one of the future Windows updates,” ACROS Security CEO Mitja Kolsek said today.
“As always, we included these 0day patches in our FREE plan until the original vendor has provided their official patch.”
Update December 13, 10:07 EST: Added Microsoft statement
