CVE-2025-60710 - Elevation of Privilege in Host Process for Windows Tasks

Danger

This vulnerability is confirmed to be exploited in the wild (CISA KEV).

Note

Executive Summary (TL;DR) CVE-2025-60710 is a critical Elevation of Privilege (EoP) vulnerability affecting Windows 11 Version 25H2. It allows a local authenticated attacker to gain SYSTEM privileges by manipulating directory junctions and symbolic links targeted at the Windows AI Recall scheduled task.

Technical Analysis

The core of this vulnerability lies in Improper Link Resolution before File Access, documented under CWE-59. The flaw is located within the interaction between the Host Process for Windows Tasks (taskhostw.exe) and the Windows AI Recall feature.

Specifically, the scheduled task \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration performs file operations on a target directory without sufficiently validating whether the path is a symbolic link or a junction point. This “link following” behavior allows an attacker to redirect a SYSTEM-level file operation toward a sensitive target.

Vulnerable Components

• Process: taskhostw.exe
• Feature: Windows AI Recall
• Affected Builds: Windows 11 25H2 (10.0.26200.0 to 10.0.26200.7171)

Exploitation Flow

The exploitation follows a precise sequence to achieve arbitrary folder deletion and subsequent privilege escalation:

1. Environment Check: The attacker verifies the OS build version to ensure it falls within the vulnerable range.
2. Junction Creation: The attacker creates a directory junction in the %LOCALAPPDATA%\CoreAIPlatform.00\UKP directory.
3. Targeting: The junction is configured to point to a protected system directory or a critical configuration file.
4. Trigger: The PolicyConfiguration scheduled task is triggered (either naturally or via manual manipulation), causing taskhostw.exe to follow the link.
5. Privilege Gain: Because the task runs as SYSTEM, the linked operation is performed with highest privileges, allowing for the deletion or modification of restricted files, which can be leveraged to compromise the kernel or a system service.

Forensic Investigation

From a forensic perspective, the following traces are critical for identifying an attempted or successful exploitation of CVE-2025-60710.

File System Artefacts

• Path Analysis: Investigation of %LOCALAPPDATA%\CoreAIPlatform.00\UKP. The presence of GUID-named subdirectories that are identified as Reparse Points (junctions or symlinks) is a strong Indicator of Compromise (IoC).
• Link Following: Look for unexpected directory junctions pointing towards C:\Windows\System32 or other sensitive system paths.

Log Analysis

• Process Execution: Monitor for taskhostw.exe starting with unusual arguments or interacting with the CoreAIPlatform directory.
• Event IDs:
  • Event ID 4688: Process Creation. Look for taskhostw.exe interacting with the UKP path.
  • Event ID 4663: An attempt was made to access an object. Check for SYSTEM-level access to user-profile paths.

Detection

To detect this vulnerability, a combination of build verification and filesystem analysis is required.

Detection Logic

1. Build Verification: Confirm OS Build is between 10.0.26200.0 and 10.0.26200.7171.
2. Task Audit: Verify the existence and state of the \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration task.
3. Reparse Point Scan: Scan the UKP directory for any symlinks or junctions.

Threat Hunting Query (KQL/Splunk)

index=windows event_id=4688 process_name="taskhostw.exe"
| search "CoreAIPlatform.00\UKP"

Mitigation

Immediate action is required to secure vulnerable systems.

• Official Patch: Apply the latest Microsoft Security Updates for Windows 11 25H2.
• Temporary Workaround: Disable the following scheduled task: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration.
• Hardening: Restrict write permissions on %LOCALAPPDATA%\CoreAIPlatform.00\UKP to prevent the creation of new junctions.

SOURCES

• NVD - CVE-2025-60710
• Vicarius - Detection Script
• Vicarius - Mitigation Script
• Microsoft MSRC