Windows Server Flaw a Shortcut to Privilege Escalation

A newly identified, unpatched vulnerability in Windows Server 2025, dubbed “BadSuccessor” by Akamai researchers, presents a significant security risk. This flaw, found in the new delegated Managed Service Accounts (dMSA) feature, is described as “trivial” to exploit and can lead to privilege escalation and full domain compromise in Active Directory environments, even if dMSAs are not actively used. While Microsoft has assessed the exploit as “moderate severity” and plans a future update, Akamai urges organizations to proactively limit who can create dMSAs to mitigate this threat.