Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw

Why This Matters

Microsoft has issued an out-of-band hotpatch update for Windows 11 Enterprise devices to address critical vulnerabilities in the RRAS management tool that could allow remote code execution. This update is especially important for mission-critical systems that cannot be rebooted easily, as it applies security fixes in-memory without requiring a restart. The fix enhances security for enterprise environments by preventing potential exploitation via malicious servers, ensuring safer remote management practices.

Key Takeaways

Microsoft has released an out-of-band (OOB) update to fix security vulnerabilities affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates.

The KB5084597 hotpatch update was released yesterday to fix vulnerabilities in the Windows Routing and Remote Access Service (RRAS) management tool that could allow remote code execution when connecting to a malicious server.

"Microsoft has identified a security issue in the Windows Routing and Remote Access Service (RRAS) management tool that could allow remote code execution when connecting to a malicious server," reads an advisory from Microsoft.

"This issue only applies to a limited set of scenarios involving Enterprise client devices running hotpatch updates and being used for remote server management."

The KB5084597 update is for Windows 11 versions 25H2 and 24H2, as well as Windows 11 Enterprise LTSC 2024 systems.

Microsoft says the vulnerabilities fixed by this hotpatch are tracked as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, which were fixed as part of the March 2026 Patch Tuesday updates.

"An attacker authenticated on the domain could exploit this vulnerability by tricking a domain-joined user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in," reads the description for all three flaws.

The company says the hotpatch update is cumulative and includes all fixes and improvements from the March 2026 Windows security update released on March 10.

While the vulnerabilities were already fixed on Patch Tuesday, installing cumulative updates requires devices to be rebooted. However, some devices are used for mission-critical applications and services that cannot be easily rebooted.

To protect these types of devices, hotpatch updates apply new vulnerability fixes by patching running processes in memory. At the same time, they update the files on disk so that the fixes are still present the next time the device reboots.
