Microsoft's April Patch Tuesday update fixed 134 vulnerabilities, including a critical zero-day flaw, CVE-2025-29824, affecting the Windows Common Log File System Driver. This enabled privilege escalation to the SYSTEM level, posing risks to enterprise and critical infrastructure systems. Notably, Windows 10 patches experienced delays compared to Windows 11, raising suspicions of underlying issues. Experts highlight that this vulnerability is actively exploited, and the absence of timely patches creates significant security gaps, especially for Windows 10 users, as ransomware operators increasingly leverage such flaws for attacks.
This vulnerability is significant because it affects a core component of Windows, impacting a wide range of environments, including enterprise systems and critical infrastructure.
Elevation of privilege flaws in CLFS have become especially popular among ransomware operators over the years.
What makes this vulnerability particularly concerning is that Microsoft has confirmed active exploitation in the wild, yet at this time, no patch has been released.
The delayed rollout of Windows 10 patches - paired with a 40-minute delay in the Windows 11 update - might point to something unusual behind the scenes.
Collection
[
|
...
]