Thursday , July 2 2026
Falcon Sensor

CrowdStrike Releases Fixes for Two Falcon Sensor for Windows Vulns

CrowdStrike has issued security updates for two vulnerabilities in its Falcon Sensor for Windows, CVE-2025-42701 and CVE-2025-42706. These flaws require local code execution and may let attackers delete files, which could affect system stability and security monitoring.

Vulnerabilities found through CrowdStrike’s Bug Bounty program reflect their proactive security efforts. There’s no evidence of these flaws being exploited, and CrowdStrike is actively monitoring for any potential abuse.

India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

The Indian government issued a notice WhatsApp planned to roll out its new 'username' feature. They are worried about fake...
Read More
India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising...
Read More
Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Chrome Update Patches 382 Vulnerabilities, Including 15 Critical

Chrome 151 has a new update that fixes 382 security problems. This includes 15 critical issues that could allow attackers...
Read More
Chrome Update Patches 382 Vulnerabilities, Including 15 Critical

Apple fixes more than 30 iOS, macOS, and Safari flaws

Apple released security updates on Monday for iOS, macOS, and Safari. These updates fix more than thirty issues, including four...
Read More
Apple fixes more than 30 iOS, macOS, and Safari flaws

Attackers exploit critical flaw in Oracle E-Business

Attackers are now using a flaw (called CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial app, according to the security...
Read More
Attackers exploit critical flaw in Oracle E-Business

WhatsApp to allow usernames instead of phone numbers

WhatsApp is about to release a big update that may change how people communicate on the app. Soon, users can...
Read More
WhatsApp to allow usernames instead of phone numbers

Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

The Linux Foundation said on Thursday that they are starting a new project to fix flaws in open source software...
Read More
Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

Data breach affects 14.2 million email logins across six ISPs

KDDI Corporation, a Japanese telecom company, revealed a data breach. Hackers got into one of its email systems that five...
Read More
Data breach affects 14.2 million email logins across six ISPs

Asian Two AI startups launch Mythos-like Model

Two Asian AI companies have released new models this week that compete with Anthropic’s recently limited Mythos and Fable models,...
Read More
Asian Two AI startups launch Mythos-like Model

Polymarket Hack Reportedly Results in $3 Million Theft

Polymarket is a platform for prediction markets using cryptocurrency. It lets users bet on what might happen in real-life events...
Read More
Polymarket Hack Reportedly Results in $3 Million Theft

The advisory highlights that the vulnerabilities stem from two different flaws — a race condition and a logic error — both within the Windows version of the Falcon Sensor.

CVE-2025-42701 is a race condition that may allow deletion of files under certain conditions. CVE-2025-42706 stems from a logic error in the Falcon Sensor’s file operations, which can also lead to file deletion.

CrowdStrike notes, “A logic error exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files.”

While the flaws do not directly allow remote code execution, they could be exploited to destabilize system functionality or disable security mechanisms, indirectly aiding further compromise.

The company warns, “Exploiting these issues to delete files could potentially lead to stability or functionality issues with the CrowdStrike Falcon Windows sensor, or other software on the system including the operating system.”

Importantly, Falcon sensors for macOS, Linux, and Legacy Windows systems are not affected by these vulnerabilities.

CrowdStrike found that Falcon Sensor for Windows versions 7.28 and earlier have vulnerabilities. They released fixes for various builds, including hotfixes for versions 7.24 to 7.28 and an update for version 7.16 for older Windows systems like Windows 7 and Windows Server 2008 R2.

The patched versions include:

7.28.20008 and later
7.27.19909
7.26.19813
7.25.19707
7.24.19608
7.16.18637 (Windows 7 / 2008 R2 only)

CrowdStrike confirmed that the 7.24 hotfix updates the LTV Sensor for Windows IoT.

Check Also

FortiGate

CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) asked Fortinet users with FortiGate devices on …