Microsoft has launched an out-of-band (OOB) replace to repair a safety vulnerabilities affecting Home windows 11 Enterprise gadgets that obtain hotpatch updates as an alternative of the common Patch Tuesday cumulative updates.
The KB5084597 hotpatch replace was launched yesterday to repair vulnerabilities within the Home windows Routing and Distant Entry Service (RRAS) administration device that might enable distant code execution when connecting to a malicious server.
“Microsoft has recognized a safety difficulty within the Home windows Routing and Distant Entry Service (RRAS) administration device that might enable distant code execution when connecting to a malicious server,” reads an advisory from Microsoft.
“This difficulty solely applies to a restricted set of eventualities involving Enterprise shopper gadgets operating hotpatch updates and getting used for distant server administration.”
The KB5084597 replace is for Home windows 11 variations 25H2 and 24H2, in addition to Home windows 11 Enterprise LTSC 2024 programs.
Microsoft says the vulnerabilities mounted by this hotpatch are tracked as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, which had been mounted as a part of the March 2026Â Patch Tuesday updates.
“An attacker authenticated on the area may exploit this vulnerability by tricking a domain-joined person into sending a request to a malicious server by way of the Routing and Distant Entry Service (RRAS) Snap-in,” reads the outline for all three flaws.
The corporate says the hotpatch replace is cumulative and contains all fixes and enhancements from the March 2026 Home windows safety replace launched on March 10.
Whereas the vulnerabilities had been already mounted on Patch Tuesday, putting in cumulative updates requires gadgets to be rebooted. Nevertheless, some gadgets are used for mission-critical functions and providers that can not be simply rebooted.
To guard all these gadgets, hotpatch updates apply new vulnerability fixes by performing in-memory patching of operating processes to ship fixes. On the identical time, they replace the recordsdata on disk in order that the following time the system reboots, the fixes are nonetheless current.
Microsoft says it beforehand launched hotfixes for these flaws, however re-released them yesterday “guarantee complete protection throughout all affected eventualities.”
Nevertheless, Microsoft says the hotpatch will solely be provided to gadgets enrolled within the hotpatch replace program and managed by way of Home windows Autopatch, the place it is going to be put in robotically with out requiring a restart.
Malware is getting smarter. The Pink Report 2026 reveals how new threats use math to detect sandboxes and conceal in plain sight.
Obtain our evaluation of 1.1 million malicious samples to uncover the highest 10 methods and see in case your safety stack is blinded.
