Cybersecurity analysts have unveiled recent discoveries concerning a recently resolved security flaw in Microsoft’s Windows Remote Procedure Call (RPC) communication protocol that could be exploited by an assailant to perform spoofing attacks and mimic a recognized server.
The security weakness, identified as CVE-2025-49760 (CVSS rating: 3.5), has been characterized by the technology giant as a Windows Storage spoofing defect.