PT-2025-32855 · Microsoft +4 · Windows Kerberos +6
Published: 2025-08-12 · Updated: 2025-08-13
CVE-2025-53779 · 7.2 · High
Base vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
**Name of the Vulnerable Software and Affected Versions:**
Windows Kerberos versions prior to August 2025 Patch Tuesday
Windows Server 2025 (affected versions not specified)
Windows 11 versions 23H2 and 22H2 (affected versions not specified)
Windows 11 version 24H2 (affected versions not specified)
Windows 10 (affected versions not specified)
**Description:**
A relative path traversal vulnerability in Windows Kerberos allows an authorized attacker to elevate privileges over the network. The flaw, also known as “BadSuccessor” (CVE-2025-53779), affects delegated Managed Service Accounts (dMSAs) in Windows Server 2025 and can allow an authenticated attacker to obtain domain administrator rights. The vulnerability was actively exploited prior to the release of a patch. Approximately 0.7% of Active Directory domains are estimated to be affected.
**Recommendations:**
Apply the August 2025 Patch Tuesday updates for all affected Windows versions.
For Windows 11 version 24H2, install KB5063878.
For Windows 11 versions 23H2 and 22H2, install KB5063875.
For Windows 10, install KB5063709.
Tags: Fix · RCE · LPE
Weakness Enumeration: Relative Path Traversal
References (35):
- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-53779 · Vendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53779 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-53779 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53779 · Security Note
- https://twitter.com/the_yellow_fall/status/1955448720830632397 · Twitter Post
- https://roboshadow.com/blog/patch-tuesday-august-2025?rid=socialpost · Reddit Post
- https://t.me/EchelonEyes/4004 · Telegram Post
- https://twitter.com/VaultEdgeIT/status/1955611579690467452 · Twitter Post
- https://twitter.com/windows_cult/status/1955382245029478533 · Twitter Post
- https://twitter.com/shah_sheikh/status/1955603371236249756 · Twitter Post
- https://twitter.com/EAlexStark/status/1955658871458169066 · Twitter Post
- https://twitter.com/CCBalert/status/1955631759434891440 · Twitter Post
- https://twitter.com/Yobitech_Cyber/status/1955713710015631728 · Twitter Post
- https://twitter.com/Action1corp/status/1955324783505359219 · Twitter Post
- https://twitter.com/Trej0Jass/status/1955595520380158207 · Twitter Post