
CISA flags Windows Task Host vulnerability as exploited in attacks

  • April 15, 2026

Jasper_The_Rasper
Moderator

More info on CVE-2025-60710, which @TripleHelix posted about yesterday: Alert "CISA Adds Seven Known Exploited Vulnerabilities to Catalog", Release Date April 13, 2026

 

April 15, 2026, By Sergiu Gatlan

 


CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges.

Task Host is a core Windows system component that serves as a container for DLL-based processes, allows them to operate in the background, and ensures they close properly during shutdown to prevent data corruption.

Tracked as CVE-2025-60710, this Windows security flaw stems from a link-following weakness affecting Windows 11 and Windows Server 2025 devices and was patched by Microsoft in November 2025.

The vulnerability can be exploited by local attackers with basic user permissions via low-complexity attacks, enabling them to gain SYSTEM privileges and take full control of the compromised device.

"Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally," Microsoft explains.

On Monday, CISA added CVE-2025-60710 to its catalog of actively exploited vulnerabilities and gave Federal Civilian Executive Branch (FCEB) agencies two weeks to secure their systems, as mandated by the November 2021 Binding Operational Directive (BOD) 22-01.

 

>>Full Article<<