Microsoft has recently issued patches to address a total of 67 security vulnerabilities, with one zero-day flaw in Web Distributed Authoring and Versioning (WebDAV) being actively exploited in the wild.
Out of the 67 vulnerabilities, 11 are classified as Critical and 56 as Important, including remote code execution, information disclosure, and privilege escalation flaws.
These patches supplement the 13 issues resolved by Microsoft in its Chromium-based Edge browser since the last Patch Tuesday update.
The zero-day vulnerability under attack is a remote code execution flaw in WebDAV (CVE-2025-33053) discovered by Check Point researchers, making it the first zero-day vulnerability in the WebDAV standard.
Check Point attributes the exploitation of CVE-2025-33053 to a threat actor known as Stealth Falcon, who has a history of leveraging Windows zero-days in their attacks.
The attack chain observed against a defense company in Turkey involved the use of CVE-2025-33053 to deploy the Horus Agent implant, which is part of the Mythic C2 framework.
Horus Agent is considered an advancement of the Apollo implant, featuring victim fingerprinting capabilities and smaller payload size.
The threat actor has also been seen using tools like Credential Dumper, Passive backdoor, and Keylogger in their attacks.
The active exploitation of CVE-2025-33053 has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to the Known Exploited Vulnerabilities catalog.
Microsoft has also addressed other critical vulnerabilities, including a privileged escalation flaw in Power Automate and elevation of privilege flaws in various Windows components.
Additionally, patches have been released by various other vendors to address security vulnerabilities in their respective products.
For more exclusive content, follow us on Twitter and LinkedIn.
