{"id":3616,"date":"2025-06-15T15:49:49","date_gmt":"2025-06-15T14:49:49","guid":{"rendered":"https:\/\/aegislens.com\/home\/?p=3616"},"modified":"2025-06-15T15:49:49","modified_gmt":"2025-06-15T14:49:49","slug":"weekly-update-microsoft-zero-day-vulnerability-patched-mirai-botnets-attacking-unprotected-wazuh-servers","status":"publish","type":"post","link":"https:\/\/aegislens.com\/home\/weekly-update-microsoft-zero-day-vulnerability-patched-mirai-botnets-attacking-unprotected-wazuh-servers\/","title":{"rendered":"Weekly Update: Microsoft Zero-Day Vulnerability Patched, Mirai Botnets Attacking Unprotected Wazuh Servers"},"content":{"rendered":"<h1>Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers<\/h1>\n<h2>Microsoft Addresses Exploited Zero-Day (CVE-2025-33053)<\/h2>\n<p>Microsoft has released fixes for 66 new Common Vulnerabilities and Exposures (CVEs) as part of its June 2025 Patch Tuesday, in keeping with its ongoing mission to bolster the security landscape.<\/p>\n<p>The standout is CVE-2025-33053, a zero-day vulnerability exploited in the wild.<\/p>\n<p>The vulnerability, a severe risk to Microsoft&#8217;s print spooler, was used in a targeted cyber-espionage campaign.<\/p>\n<p>Threat actors exploited this zero-day flaw to gain administrative privileges, giving them a backdoor to valuable confidential information.<\/p>\n<p>The exploit mainly affected versions 9, 9.5, and 10 of the Windows operating system.<\/p>\n<p>The patch, now available, thwarts this exploit by preventing it from remotely executing code that sniffs out sensitive data.<\/p>\n<p>Microsoft has urged users and system administrators to apply the patch immediately and recommended regular security updates to prevent falling prey to such assaults in future.<\/p>\n<h2>Mirai Botnets Attack Unpatched Wazuh Servers (CVE-2025-24016)<\/h2>\n<p>Simultaneously, cybersecurity researchers at Akamai have flagged a dangerous situation 
&#8211; two Mirai botnets exploiting a critical remote code execution vulnerability (CVE-2025-24016) in Wazuh&#8217;s open-source extended detection and response (XDR) and security information and event management (SIEM) platform.<\/p>\n<p>The Wazuh platform, popular for intrusion and anomaly detection, became a victim of the Mirai botnets &#8211; malware that transforms networked devices into remotely controlled bots.<\/p>\n<p>This attack targeted unpatched servers, particularly those that had not remedied this known vulnerability.<\/p>\n<p>The exploit allows malicious actors to execute arbitrary code, thereby compromising Wazuh servers and infiltrating entire security systems.<\/p>\n<p>Companies affected range from small businesses to large-scale organizations.<\/p>\n<p>The Akamai team has strongly advised Wazuh administrators to patch the vulnerability by applying the updates immediately.<\/p>\n<p>Additionally, the team emphasized maintaining stringent patching routines and constant server audits to keep such security threats from escalating.<\/p>\n<h3>Conclusion<\/h3>\n<p>This past week served to exemplify the importance of timely security updates and the vigilance required in maintaining server hygiene.<\/p>\n<p>From the zero-days discovered in Microsoft products to Wazuh servers being compromised, the potential for damage is considerable unless swift action is taken.<\/p>\n<h3>Sources:<\/h3>\n<p><a href=\"#\">Microsoft Security Response Center (MSRC)<\/a><\/p>\n<p><a href=\"#\">Akamai&#8217;s Threat Post<\/a><\/p>\n<h3>Follow-Up Reading<\/h3>\n<ol>\n<li><a href=\"https:\/\/www.kaspersky.com\/resource-center\/definitions\/zero-day-exploit\">Kaspersky&#8217;s Comprehensive Guide on Zero-Day Exploits<\/a><\/li>\n<li><a href=\"https:\/\/seclists.org\/bugtraq\/2025\/May\/5\">Security Update Guide on CVE-2025-33053<\/a><\/li>\n<li><a 
href=\"https:\/\/www.akamai.com\/uk\/en\/multimedia\/documents\/state-of-the-internet\/soti-security-mirai-botnet-report-2025.pdf\">Akamai&#8217;s Report on Mirai Botnet<\/a><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers Microsoft Addresses<\/p>\n","protected":false},"author":1,"featured_media":3617,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3616","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3616","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3616"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3616\/revisions"}],"predecessor-version":[{"id":3618,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3616\/revisions\/3618"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media\/3617"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3616"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3616"},{"taxonomy
":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}