Microsoft's recent Patch Tuesday revealed twelve significant vulnerabilities, including six rated as critical, with some already being exploited by criminals. Three of these exploited flaws affect NTFS, most notably CVE-2025-24993, a heap-based buffer overflow that allows for remote code execution. Attackers can exploit this by tricking users into mounting malicious virtual hard disks. Other vulnerabilities in the same category allow information disclosure and log file manipulation. Microsoft emphasizes the importance of immediate attention to these security flaws to protect users.
The first is CVE-2025-24993, a heap-based buffer overflow in NTFS as used by Windows Server 2008 and later systems, as well as Windows 10 and 11.
An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability.
The second zero-day vulnerability, CVE-2025-24991, is an information-disclosure flaw in NTFS rated 5.5 on the ten-point CVSS severity scale.
All three NTFS flaws were reported anonymously, Microsoft said.