Microsoft has disclosed a significant security vulnerability in Active Directory Domain Services that could allow attackers to elevate their privileges to the system level, potentially gaining complete control over affected systems.

The vulnerability tracked as CVE-2025-29810, was patched as part of Microsoft’s April 2025 Patch Tuesday security update cycle.