CVE-2025-58730 is a use-after-free vulnerability classified under CWE-416 affecting Inbox COM Objects in Microsoft Windows 11 Version 25H2 (build 10.0.26200.0). Use-after-free vulnerabilities occur when a program continues to use memory after it has been freed, leading to undefined behavior including potential arbitrary code execution. In this case, the vulnerability allows an unauthorized attacker with local access to execute arbitrary code by exploiting the improper handling of COM objects within the inbox components of Windows 11. The CVSS v3.1 score is 7.0, indicating high severity, with the vector string showing that the attack requires local access (AV:L), high attack complexity (AC:H), no privileges (PR:N), and user interaction (UI:R). The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), meaning a successful exploit could lead to full system compromise. The vulnerability was reserved on September 3, 2025, and published on October 14, 2025. No patches or known exploits are currently available, but the vulnerability is publicly disclosed and should be addressed promptly. The lack of known exploits suggests that active exploitation is not yet observed, but the potential risk remains significant due to the nature of the vulnerability and the critical role of Windows 11 in enterprise environments.

For European organizations, this vulnerability poses a significant risk as Windows 11 is widely deployed across enterprises, government agencies, and critical infrastructure sectors. Successful exploitation could allow attackers to execute arbitrary code locally, potentially leading to privilege escalation, data theft, disruption of services, or full system compromise. This is particularly concerning for organizations handling sensitive personal data under GDPR, critical infrastructure operators, and sectors such as finance, healthcare, and government. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate risk, especially in environments where endpoint security is weak or insider threats exist. The high impact on confidentiality, integrity, and availability means that exploitation could result in severe operational and reputational damage, regulatory penalties, and financial losses.

Organizations should prioritize the deployment of security updates from Microsoft as soon as patches become available for Windows 11 Version 25H2. Until patches are released, practical mitigations include enforcing strict local access controls to prevent unauthorized physical or remote local access, implementing application whitelisting to restrict execution of unauthorized code, and enhancing endpoint detection and response (EDR) capabilities to monitor for suspicious activity related to COM object manipulation. User education to avoid executing untrusted code or clicking on suspicious prompts is critical given the requirement for user interaction. Network segmentation and the principle of least privilege should be applied to limit the impact of potential exploitation. Additionally, organizations should audit and harden configurations related to COM object usage and inbox components where feasible. Regular vulnerability scanning and penetration testing can help identify exposure to this vulnerability in the environment.