Incomplete Windows Patch Exposes Systems to Zero-Click APT28 Attack Vector

An incomplete Microsoft Windows security patch leaves systems exposed to zero-click attacks. The original vulnerability was actively exploited by Russia-linked APT28 in campaigns targeting Ukraine and EU countries before patching.

Researchers found the patch did not fully close the attack surface, leaving a residual path exploitable without user interaction. Organizations that applied the original patch may believe they are protected when they are not. Security teams should monitor for an updated Microsoft advisory and review Windows update posture for affected versions until a complete fix is issued.