BSI Warns of Windows Server 2025 Security Vulnerability
The German Federal Office for Information Security (BSI) has issued a critical alert about a newly identified vulnerability in Microsoft Windows Server 2025. Security researchers from Akamai, who publicly disclosed the flaw—named “BadSuccessor”—warn that it allows attackers to exploit the delegated Managed Service Account (dMSA) feature in Active Directory to escalate privileges. While Microsoft initially classified the issue as “moderate” and has not yet assigned a CVE identifier, BSI has rated its severity at 9.9 out of 10.
Akamai’s analysis found that 91% of examined environments included users outside the domain administrators group with the necessary permissions to execute this attack. This widespread risk underscores the need for stricter access controls within enterprise networks. As a formal patch is not yet available, both BSI and Akamai recommend organizations identify and limit dMSA creation permissions to trusted administrators. The advisory highlights the ongoing security challenges faced by modern IT infrastructure, urging immediate action from enterprises using Windows Server 2025.
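As an added example (not code from BSI, Akamai or Microsoft), the following PowerShell audit lists principals other than built-in administrative groups that hold CreateChild rights for dMSA objects on any organizational unit, which is the permission the advisory asks organizations to identify and restrict. It assumes the ActiveDirectory RSAT module on a domain-joined host and a schema already extended with the msDS-DelegatedManagedServiceAccount object class; the list of trusted principals is an assumption to adjust per environment.

```powershell
# Added example: enumerate who can create dMSA objects in each OU.
# Assumes RSAT ActiveDirectory module and a Server 2025-level schema.
Import-Module ActiveDirectory

$schemaNC = (Get-ADRootDSE).schemaNamingContext
# Resolve the dMSA class schemaIDGUID at run time instead of hard-coding it.
$dmsaClass = Get-ADObject -SearchBase $schemaNC -Properties schemaIDGUID `
    -LDAPFilter '(lDAPDisplayName=msDS-DelegatedManagedServiceAccount)'
if (-not $dmsaClass) { throw 'dMSA class not in schema; this forest is not exposed yet.' }
$dmsaGuid = [Guid]$dmsaClass.schemaIDGUID
$anyClass = [Guid]::Empty   # ObjectType all-zero: right applies to every object class

# Principals expected to hold these rights (assumption); anything else is a finding.
$trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators',
             "$env:USERDOMAIN\Domain Admins", "$env:USERDOMAIN\Enterprise Admins")

$createChild = [System.DirectoryServices.ActiveDirectoryRights]::CreateChild

$findings = foreach ($ou in Get-ADOrganizationalUnit -Filter *) {
    $acl = Get-Acl -Path ('AD:\' + $ou.DistinguishedName)
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # GenericAll already includes the CreateChild bit, so one mask test covers both.
        if ([int]($ace.ActiveDirectoryRights -band $createChild) -eq 0) { continue }
        # Count the ACE if it is scoped to the dMSA class or to all classes.
        if ($ace.ObjectType -ne $dmsaGuid -and $ace.ObjectType -ne $anyClass) { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        [pscustomobject]@{
            OU        = $ou.DistinguishedName
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.ActiveDirectoryRights
            Inherited = $ace.IsInherited
        }
    }
}

# Review every row: each is a non-admin principal able to create dMSAs in that OU.
$findings | Sort-Object Principal, OU | Format-Table -AutoSize
```

Rights inherited from the domain head show up with Inherited set to True, so a single broad delegation at the root can account for many rows; fix it at its source rather than per OU.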