Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Published: 2025-04-08
Microsoft addresses 121 CVEs including one zero-day which was exploited in the wild.
https://www.bleepingcomputer.com/news/security/ransomware-gangs-join-ongoing-sap-netweaver-attacks/
https://thehackernews.com/2025/05/bianlian-and-ransomexx-exploit-sap.html
https://www.securityweek.com/second-ransomware-group-caught-exploiting-windows-flaw-as-zero-day/
https://thehackernews.com/2025/05/play-ransomware-exploited-windows-cve.html
https://www.securityweek.com/cisa-urges-urgent-patching-for-exploited-centrestack-windows-zero-days/
https://www.databreachtoday.com/microsoft-warns-ransomware-actors-exploiting-windows-flaw-a-27960
https://thehackernews.com/2025/04/pipemagic-trojan-exploits-windows-clfs.html
https://www.theregister.com/2025/04/08/patch_tuesday_microsoft/
https://www.securityweek.com/microsoft-patches-125-windows-vulns-including-exploited-clfs-zero-day/
https://www.helpnetsecurity.com/2025/04/08/patch-tuesday-microsoft-zero-day-cve-2025-29824/
https://therecord.media/microsoft-zero-day-used-ransomware-attack-real-estate
Published: 2025-04-08
Updated: 2025-05-14
Named Vulnerability: ZTA Microsoft Windows Common Log File System (CLFS) Driver flawNamed Vulnerability: CLFS Zero-DayKnown Exploited Vulnerability (KEV)
Base Score: 6.8
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
Severity: Medium
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: High
EPSS: 0.19164