In early March 2026, Microsoft released an important security update addressing a high-severity vulnerability in Active Directory Domain Services (AD DS) tracked as CVE-2026-25177. The flaw received a CVSS score of 8.8 and can allow an authenticated network actor with limited permissions to escalate privileges to full SYSTEM on a targeted domain controller. Microsoft and third-party researchers coordinated fixes and