CVE-2025-49722 is a vulnerability classified under CWE-400, indicating uncontrolled resource consumption, affecting Microsoft Windows 10 Version 1809 (build 10.0.17763.0). The flaw exists within the Windows Print Spooler components, which handle print job management and processing. An authorized attacker with local privileges on an adjacent network can exploit this vulnerability to trigger excessive resource consumption, leading to a denial of service (DoS) condition. Specifically, the attacker can cause the Print Spooler service to consume excessive CPU, memory, or other system resources, potentially rendering the system unresponsive or significantly degraded in performance. The attack vector is adjacent network access, meaning the attacker must be on the same local or logically adjacent network segment but does not require user interaction. The CVSS v3.1 base score is 5.7 (medium severity), reflecting that the attack requires low complexity and privileges but impacts only availability without compromising confidentiality or integrity. No known exploits are currently reported in the wild, and no patches or mitigations have been linked yet. The vulnerability's uncontrolled resource consumption nature means it could be leveraged to disrupt printing services and potentially affect other dependent services or applications relying on the Print Spooler, impacting business continuity in affected environments.

For European organizations, this vulnerability poses a moderate risk primarily to availability. Organizations relying on Windows 10 Version 1809 in their infrastructure, particularly those with networked printing environments, could experience service disruptions if exploited. This could affect office productivity, document workflows, and potentially critical printing operations in sectors such as healthcare, finance, and government. The denial of service could also cascade if Print Spooler dependencies are critical to other services. Since exploitation requires adjacent network access and authorized privileges, internal threat actors or compromised devices within the local network pose the greatest risk. Given that many European enterprises and public sector organizations still operate legacy Windows 10 versions, the vulnerability could be leveraged in targeted attacks or insider threat scenarios. However, the lack of confidentiality or integrity impact limits the risk of data breaches or system compromise directly from this vulnerability.

European organizations should prioritize upgrading or patching affected Windows 10 Version 1809 systems once official patches become available from Microsoft. Until then, practical mitigations include restricting access to the Print Spooler service on network segments, especially limiting adjacent network access to trusted devices only. Network segmentation and strict access controls can reduce the attack surface. Disabling the Print Spooler service on systems where printing is not required can eliminate exposure. Monitoring for unusual resource consumption patterns on print spooler processes can provide early detection of exploitation attempts. Additionally, enforcing least privilege principles to limit authorized user capabilities on networked systems reduces the risk of exploitation. Organizations should also review and update endpoint protection and intrusion detection systems to identify anomalous behavior related to print spooler resource usage. Finally, planning migration away from legacy Windows 10 versions towards supported, updated operating systems will reduce exposure to this and similar vulnerabilities.