PT-2025-24329 · Webdav +1
Alexandra Gofman +1 · Published 2025-01-30 · Updated 2025-08-30 · CVE-2025-33053
Score: 9.0 · High
Base vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
Microsoft Windows (affected versions not specified)
Description:
The vulnerability is related to the WebDAV protocol in Microsoft Windows, allowing an unauthorized attacker to execute code over a network by exploiting external control of file name or path in WebDAV servers. This issue has been exploited by the Stealth Falcon APT group in a spear-phishing campaign, using .url files to execute malware from an actor-controlled WebDAV server. The attackers have targeted high-profile entities across the Middle East and Africa, including defense and government organizations. The vulnerability has been assigned a high severity score and was patched by Microsoft in its June 2025 Patch Tuesday updates.
Recommendations:
To resolve the issue, apply the patches provided by Microsoft for the vulnerability. Monitor for suspicious activity related to WebDAV interactions and implement detection mechanisms. Regularly update systems and software for protection against known vulnerabilities. As a temporary workaround, consider restricting access to the WebDAV protocol to minimize the risk of exploitation.
Exploit · Fix · RCE · Improper Access Control
References
- https://github.com/DevBuiHieu/CVE-2025-33053-Proof-Of-Concept · Exploit
- https://nvd.nist.gov/vuln/detail/CVE-2025-33053 · Security Note
- https://safe-surf.ru/specialists/bulletins-nkcki/721766 · Security Note
- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-33053 · Vendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073 · Vendor Advisory
- https://bdu.fstec.ru/vul/2025-06677 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-33053 · Security Note
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33053 · Vendor Advisory
- https://bdu.fstec.ru/vul/2025-06673 · Security Note
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33053 · Vendor Advisory
- https://github.com/DiscUtils/DiscUtils · Note
- https://github.com/MythicC2Profiles/httpx · Note
- https://twitter.com/MDST9999/status/1933434186699784564 · Twitter Post
- https://twitter.com/xcybersecnews/status/1933197858225737817 · Twitter Post
- https://twitter.com/threatintel/status/1933145851863736437 · Twitter Post