CVE-2025-59244 is a vulnerability classified under CWE-73 (External Control of File Name or Path) found in Microsoft Windows 10 Version 1507 (build 10.0.10240.0). The flaw resides in the Windows Core Shell component, where an attacker can externally influence the file name or path used by the system. This manipulation allows an attacker to conduct spoofing attacks over a network, potentially misleading users or systems by presenting falsified file paths or names. The vulnerability requires no privileges but does require user interaction, such as opening a crafted file or link. The CVSS v3.1 base score is 6.5 (medium severity), reflecting a network attack vector with low attack complexity and no privileges required, but user interaction is necessary. The impact is primarily on confidentiality, with no direct effect on integrity or availability. No patches or exploits are currently publicly available, but the vulnerability is officially published and reserved by Microsoft. This issue mainly threatens legacy systems still running the initial Windows 10 release, which may be more prevalent in certain enterprise or industrial environments. The vulnerability could be leveraged to deceive users into trusting malicious files or paths, potentially leading to information disclosure or further social engineering attacks.

The primary impact of CVE-2025-59244 is on confidentiality due to the potential for spoofing attacks that could trick users or systems into trusting malicious file paths or names. This could lead to unauthorized disclosure of sensitive information if users are deceived into opening or interacting with spoofed files or resources. While integrity and availability are not directly affected, the spoofing could facilitate further attacks such as phishing or malware delivery. Organizations running Windows 10 Version 1507 are at risk, especially those with legacy systems that have not been updated. The network-based attack vector and lack of privilege requirements increase the risk of exploitation, although the need for user interaction somewhat limits automated exploitation. The absence of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits over time. Overall, the vulnerability poses a moderate risk to confidentiality and user trust in affected environments.

1. Upgrade affected systems from Windows 10 Version 1507 to a supported and fully patched Windows version to eliminate exposure to this vulnerability. 2. If upgrading is not immediately possible, implement strict network segmentation and limit exposure of legacy systems to untrusted networks to reduce attack surface. 3. Educate users about the risks of interacting with unexpected or suspicious files and links, emphasizing caution to mitigate user interaction requirements for exploitation. 4. Employ endpoint security solutions that can detect and block attempts to exploit spoofing or path manipulation techniques. 5. Monitor network traffic and system logs for unusual file path or name activities that could indicate attempted exploitation. 6. Apply any available vendor advisories or interim mitigations from Microsoft once released. 7. Maintain a robust patch management process to quickly apply updates when patches become available for legacy systems. 8. Use application whitelisting and restrict execution of unauthorized files to limit the impact of spoofed files.