Wednesday, May 7, 2025
HomeCyber Security NewsWindows Server 2012 0-day Vulnerability Exposes Critical Security Flaw

Windows Server 2012 0-day Vulnerability Exposes Critical Security Flaw

Published on

SIEM as a Service

Follow Us on Google News

Cybersecurity researchers have identified a critical 0-day vulnerability in Windows Server 2012 and Server 2012 R2.

This previously unknown security flaw allows attackers to bypass the Mark of the Web (MoTW) verification on certain files, posing a significant threat to affected systems.

Vulnerability Details

The vulnerability, which was introduced over two years ago, has managed to evade detection despite the high level of scrutiny applied to Windows Server systems.

- Advertisement - Google News

Even servers that have been fully updated with Extended Security Updates are vulnerable. This discovery underscores the persistent challenges in maintaining security in older software systems.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

The researchers, who are holding back detailed information to prevent potential exploitation, have already notified Microsoft, as a report by 0Patch. They are awaiting an official fix from the tech giant, which could take time given the complexity of the issue.

In response to this critical security gap, the researchers have promptly issued micropatches.

These temporary fixes are being provided free of charge until Microsoft releases an official update. The micro patches cover the following configurations:

  • Legacy Windows Versions:
    • Windows Server 2012 updated to October 2023
    • Windows Server 2012 R2 updated to October 2023
  • Windows Versions Still Receiving Windows Updates:
    • Windows Server 2012 with Extended Security Updates
    • Windows Server 2012 R2 with Extended Security Updates

These patches have been seamlessly distributed to all affected computers with the 0patch Agent in PRO or Enterprise accounts.

Users can apply these micropatches without needing to reboot their systems, ensuring minimal disruption to operations.

The discovery of this vulnerability highlights the ongoing risk associated with unsupported Windows versions. Vulnerabilities are routinely identified and can be exploited by attackers aware of these security lapses.  

This proactive approach is crucial in maintaining security while awaiting a more permanent solution from Microsoft.

It emphasizes the importance of layered security strategies and the role of third-party solutions in closing gaps left by official updates.

Analyse Advanced Malware & Phishing Analysis With ANY.RUN Black Friday Deals : Get up to 3 Free Licenses.

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by...

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by...

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution,...