Critical Privilege Escalation Vulnerability Discovered in Windows Server 2025

A privilege escalation vulnerability has been demonstrated in Windows Server 2025, allowing attackers to compromise any user in Active Directory (AD). This attack exploits the delegated Managed Service Account (dMSA) feature introduced in Windows Server 2025 and works with the default configuration. According to Akamai security researcher Yuval Gordon, exploiting this vulnerability is trivial to implement.