Known Exploited Vulnerability
7.8
HIGH
CVE-2025-29824
Microsoft Windows Common Log File System (CLFS) Dr - [Actively Exploited]
Description

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

INFO

Published Date :

April 8, 2025, 6:16 p.m.

Last Modified :

May 14, 2025, 9:11 p.m.

Remotely Exploitable :

No

Impact Score :

5.9

Exploitability Score :

1.8
CISA Notification
CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Description :

Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.

Required Action :

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Notes :

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-29824 ; https://nvd.nist.gov/vuln/detail/CVE-2025-29824

Public PoC/Exploit Available at Github

CVE-2025-29824 has a 6 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2025-29824 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Microsoft windows_server_2008
2 Microsoft windows_server_2012
3 Microsoft windows_server_2016
4 Microsoft windows_server_2019
5 Microsoft windows_10_1607
6 Microsoft windows_10_1809
7 Microsoft windows_10_21h2
8 Microsoft windows_10_22h2
9 Microsoft windows_server_2022
10 Microsoft windows_11_22h2
11 Microsoft windows_10_1507
12 Microsoft windows
13 Microsoft windows_11_23h2
14 Microsoft windows_server_2022_23h2
15 Microsoft windows_server_23h2
16 Microsoft windows_server_2012_r2
17 Microsoft windows_server_2008_r2
18 Microsoft windows_server_2008_sp2
19 Microsoft windows_11_24h2
20 Microsoft windows_server_2025
References to Advisories, Solutions, and Tools

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

None

C++

Updated: 5 days ago
4 stars 1 fork 1 watcher
Born at : May 14, 2025, 1:45 a.m. This repo has been linked 1 different CVEs too.

监控Github最新网络安全相关的仓库...

cve cybersecurity github spider

Shell Python Nix

Updated: 5 days, 9 hours ago
0 stars 1 fork 1 watcher
Born at : May 9, 2025, 2:29 p.m. This repo has been linked 28 different CVEs too.

This is just a assessment for a cybersecurity job. This application is intentionally insecure. Use strictly within controlled, local testing environments.

Python

Updated: 2 weeks, 6 days ago
0 stars 0 fork 0 watcher
Born at : April 27, 2025, 3:49 p.m. This repo has been linked 1 different CVEs too.

None

Updated: 1 week, 5 days ago
0 stars 0 fork 0 watcher
Born at : Dec. 7, 2023, 3:29 a.m. This repo has been linked 1 different CVEs too.

None

Shell Ruby HTML JavaScript SCSS Python

Updated: 1 week, 5 days ago
0 stars 0 fork 0 watcher
Born at : Aug. 6, 2023, 9:53 a.m. This repo has been linked 4 different CVEs too.

None

Updated: 1 week, 5 days ago
0 stars 0 fork 0 watcher
Born at : Jan. 14, 2023, 11:38 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-29824 vulnerability anywhere in the article.

  • Help Net Security
May 2025 Patch Tuesday forecast: Panic, change, and hope

April was an event-filled month for cybersecurity. Patch Tuesday came to us quickly on April 8 – the earliest first Tuesday possible in a given month. We again saw large numbers of CVEs addressed with ... Read more

Published Date: May 09, 2025 (1 week, 4 days ago)
  • Dark Reading
Play Ransomware Group Used Windows Zero-Day

Source: DD Images via ShutterstockMore than one ransomware actor appears to have exploited a recently disclosed Windows privilege escalation bug before Microsoft issued a patch for it in its April 202 ... Read more

Published Date: May 07, 2025 (1 week, 5 days ago)
  • BleepingComputer
Play ransomware exploited Windows logging flaw in zero-day attacks

The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. The vulnerability, t ... Read more

Published Date: May 07, 2025 (1 week, 5 days ago)
  • security.nl
Symantec: Windows-lek voor uitkomen patch gebruikt bij malware-aanval

Een kwetsbaarheid in Windows waarvoor op 8 april een beveiligingsupdate verscheen is al voor het uitkomen van de patch gebruikt voor het verspreiden van malware, zo stelt Symantec. Eerder maakte Micro ... Read more

Published Date: May 07, 2025 (1 week, 5 days ago)
  • Cyber Security News
Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025. The vulnerability, tracked as CVE-2025-29824, affe ... Read more

Published Date: May 07, 2025 (1 week, 5 days ago)
  • Daily CyberSecurity
Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s Common Log File System (CLFS) driver — CVE-2025-29824 — active ... Read more

Published Date: May 07, 2025 (1 week, 5 days ago)
  • The Hacker News
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the Unite ... Read more

Published Date: May 07, 2025 (1 week, 5 days ago)
  • The Cyber Express
CISA Adds Two New Exploited Vulnerabilities to Its Catalog: CVE-2024-38475 and CVE-2023-44221

The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding two vulnerabilities, CVE-2024-38475 and CVE-2023-44221, that are ... Read more

Published Date: May 02, 2025 (2 weeks, 3 days ago)
  • Cyber Security News
Windows Security in 2025: Battling Sophisticated Threats with Advanced Defenses

The Windows security landscape has dramatically evolved in early 2025, marked by increasingly sophisticated attack vectors and Microsoft’s accelerated defensive innovations. February 2025 witnessed a ... Read more

Published Date: May 02, 2025 (2 weeks, 4 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 28, 2025 (3 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 28, 2025 (3 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 28, 2025 (3 weeks, 1 day ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 28, 2025 (3 weeks, 1 day ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 27, 2025 (3 weeks, 1 day ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 27, 2025 (3 weeks, 1 day ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 27, 2025 (3 weeks, 1 day ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 27, 2025 (3 weeks, 2 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 27, 2025 (3 weeks, 2 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 26, 2025 (3 weeks, 2 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 26, 2025 (3 weeks, 2 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 26, 2025 (3 weeks, 3 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 26, 2025 (3 weeks, 3 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 25, 2025 (3 weeks, 3 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 25, 2025 (3 weeks, 3 days ago)
  • The Cyber Express
Critical Commvault Flaw Rated 10/10: CSA Urges Immediate Patching

The Cyber Security Agency of Singapore (CSA) has warned users about a critical vulnerability affecting the Commvault Command Center. This Commvault vulnerability, identified as CVE-2025-34028, has bee ... Read more

Published Date: Apr 25, 2025 (3 weeks, 3 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 25, 2025 (3 weeks, 3 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 25, 2025 (3 weeks, 4 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 24, 2025 (3 weeks, 4 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 24, 2025 (3 weeks, 4 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 24, 2025 (3 weeks, 4 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 24, 2025 (3 weeks, 4 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 24, 2025 (3 weeks, 4 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 24, 2025 (3 weeks, 5 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 24, 2025 (3 weeks, 5 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 23, 2025 (3 weeks, 5 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 23, 2025 (3 weeks, 5 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 23, 2025 (3 weeks, 5 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 23, 2025 (3 weeks, 5 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 23, 2025 (3 weeks, 5 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 23, 2025 (3 weeks, 6 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (3 weeks, 6 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (3 weeks, 6 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (3 weeks, 6 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (3 weeks, 6 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (3 weeks, 6 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (3 weeks, 6 days ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (4 weeks ago)
  • Cyber Security News
Critical Windows Update Stack Vulnerability Allows Code Execution & Privilege Escalation

A security flaw has been identified in the Windows Update Stack, exposing millions of Windows systems to the risk of unauthorized code execution and privilege escalation. Tracked as CVE-2025-21204, th ... Read more

Published Date: Apr 22, 2025 (4 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 22, 2025 (4 weeks ago)
  • Cyber Security News
Microsoft Addresses Entra ID Token Logging Issue, Alerts to Protect Users

Microsoft has acknowledged a recent issue that triggered widespread alerts in its Entra ID Protection system, flagging user accounts as high risk due to supposed credential leaks on the dark web. The ... Read more

Published Date: Apr 21, 2025 (4 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 21, 2025 (4 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 21, 2025 (4 weeks ago)
  • The Cyber Express
Senators Peters and Rounds Lead Bipartisan Push to Extend Critical Cybersecurity Information Sharing Protections

U.S. Senators Gary Peters (D-MI) and Mike Rounds (R-SD) have introduced a bipartisan bill to extend vital provisions from the Cybersecurity Information Sharing Act of 2015. The new legislation, titled ... Read more

Published Date: Apr 21, 2025 (4 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 21, 2025 (4 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 21, 2025 (4 weeks ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 21, 2025 (4 weeks, 1 day ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 20, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 20, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 19, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 19, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 19, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 18, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 18, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 18, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 18, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 18, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 18, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 18, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 17, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 17, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 17, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 17, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 17, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 17, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 17, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 16, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 16, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 16, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 16, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 16, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • The Cyber Express
Australian Businesses at Risk as Threat Actors Exploit Fortinet Vulnerabilities

Australian organizations using Fortinet products are being urged to take immediate action following a new advisory highlighting the active exploitation of previously known vulnerabilities. The Austral ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 15, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 14, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 14, 2025 (1 month ago)
  • The Hacker News
⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More

Attackers aren't waiting for patches anymore — they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched ... Read more

Published Date: Apr 14, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 14, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 14, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 14, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 13, 2025 (1 month ago)
  • Cyber Security News
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches

Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity. This edition highlights emerging threats ... Read more

Published Date: Apr 13, 2025 (1 month ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 13, 2025 (1 month ago)
  • Help Net Security
Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is ... Read more

Published Date: Apr 13, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 13, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 12, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 12, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 12, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 12, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • The Cyber Express
One Exploit, $2.6 Million Lost: MorphoBlue Hack Rattles DeFi Markets

A new exploit, traced to a MorphoBlue vulnerability, has resulted in the theft of $2.6 million. The breach, which occurred on April 11, 2025, was first reported by PeckShieldAlert, highlighting a majo ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • The Cyber Express
100,000+ WordPress Sites at Risk as SureTriggers Exploit Goes Live

A recently uncovered SureTriggers vulnerability has put more than 100,000 websites at risk, highlighting once again how critical plugin security is for WordPress site administrators. The vulnerability ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 11, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 10, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 10, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 10, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 10, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 10, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 10, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 10, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • The Register
April's Patch Tuesday leaves unlucky Windows Hello users unable to login

Updated Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using Windows Hello. The patch bundle released yesterday is g ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • Help Net Security
WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401)

WhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running malicious code. Meta classifies ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • TheCyberThrone
CISA KEV Catalog Update Part II – April 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several critical vulnerabilities that are actively being expl ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • Cyber Security News
CISA Warns of Microsoft Windows CLFS Vulnerability Exploited in Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The flaw in the Windows Comm ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • The Cyber Express
CERT-In Flags Info Disclosure Flaw in TP-Link Tapo H200 Smart Hub

A new vulnerability has been identified in the TP-Link Tapo H200 V1 IoT Smart Hub that could allow attackers to access sensitive information, particularly Wi-Fi credentials. The Computer Emergency Res ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • Help Net Security
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)

A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited Vulnerabilities catalog on Tuesday. Accord ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • The Cyber Express
Remote Code Execution & Privilege Escalation: Two New Threats in CISA’s KEV

The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding two new vulnerabilities that are actively being exploited in ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • The Hacker News
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware

Vulnerability / Ransomware Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a smal ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • security.nl
Microsoft: Windows CLFS-lek gebruikt bij ransomware-aanvallen

Een kwetsbaarheid in het Windows Common Log Filesystem (CLFS) is gebruikt bij ransomware-aanvallen voordat een beveiligingsupdate beschikbaar was, zo heeft Microsoft laten weten. Het techbedrijf kwam ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • The Hacker News
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability

Endpoint Security / Vulnerability Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been activel ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • TheCyberThrone
Microsoft Patch Tuesday, April 2025

Microsoft’s April 2025 Patch Tuesday is one of the most significant updates in recent months, addressing a wide array of vulnerabilities across its expansive product ecosystem. With a total of 121 vul ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • krebsonsecurity.com
Patch Tuesday, April 2025 Edition

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of t ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • Daily CyberSecurity
Critical Vulnerabilities: CISA Alerts to Windows CLFS and Gladinet CentreStack Threats

Recently, the Cybersecurity and Infrastructure Security Agency (CISA) added two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the urgency for users to apply ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • Daily CyberSecurity
Windows CLFS Zero-Day Exploited to Deploy Ransomware

Microsoft Threat Intelligence has disclosed active exploitation of a zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824. The exploit, used in the wild, enab ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • Daily CyberSecurity
Microsoft April 2025 Patch Tuesday: Critical Security Updates and Zero-Day Exploits

This April, Microsoft’s Patch Tuesday release addresses a significant number of vulnerabilities, highlighting the ever-present need for robust cybersecurity practices. The tech giant rolled out fixes ... Read more

Published Date: Apr 09, 2025 (1 month, 1 week ago)
  • The Cyber Express
Microsoft Patch Tuesday April 2025: One Zero-Day, 11 High-Risk Flaws

Microsoft Patch Tuesday for April 2025 included fixes for 135 vulnerabilities in all, including one actively exploited zero-day and an additional 11 high-risk vulnerabilities. In all, Patch Tuesday Ap ... Read more

Published Date: Apr 08, 2025 (1 month, 1 week ago)
  • Cyber Security News
Windows CLFS Zero-Day Vulnerability Actively Exploited by Ransomware Group

A critical zero-day vulnerability in the Windows Common Log File System (CLFS) has been uncovered and is being actively exploited by a ransomware group. The vulnerability Tracked as CVE-2025-29824, th ... Read more

Published Date: Apr 08, 2025 (1 month, 1 week ago)
  • Help Net Security
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)

April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. CVE-2025-29824 CVE-2025-29824 is a user- ... Read more

Published Date: Apr 08, 2025 (1 month, 1 week ago)
  • BleepingComputer
Microsoft: Windows CLFS zero-day exploited by ransomware gang

Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. The vulnerability, t ... Read more

Published Date: Apr 08, 2025 (1 month, 1 week ago)
  • Cyber Security News
Windows Common Log File System 0-Day Vulnerability Exploited in the Wild

A critical zero-day vulnerability in the Windows Common Log File System (CLFS) driver, tracked as CVE-2025-29824, has been actively exploited in the wild. This security flaw allows attackers to elevat ... Read more

Published Date: Apr 08, 2025 (1 month, 1 week ago)

The following table lists the changes that have been made to the CVE-2025-29824 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Reanalysis by [email protected]

    May. 14, 2025

    Action Type Old Value New Value
    Changed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1551 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3453 OR *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1551 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3453 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7969
  • Modified Analysis by [email protected]

    May. 12, 2025

    Action Type Old Value New Value
    Changed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3454 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1551 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.5189 OR *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1551 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3453
  • Modified Analysis by [email protected]

    May. 05, 2025

    Action Type Old Value New Value
    Changed CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.5191 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1551 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.5191 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.5191 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3454 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_server_2008:*:sp1:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.23220 *cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* versions up to (excluding) 6.0.6003.23220 *cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.23220 *cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* versions up to (excluding) 6.2.9200.25423 *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7970 OR *cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:* *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3454 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1551 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.10240.20978 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.17763.7136 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* versions up to (excluding) 10.0.14393.7969 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22631.5189 *cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.5189
  • Modified Analysis by [email protected]

    Apr. 17, 2025

    Action Type Old Value New Value
    Added Reference Type CVE: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script Types: Exploit, Third Party Advisory
    Added Reference Type CVE: https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script Types: Exploit, Third Party Advisory
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Apr. 16, 2025

    Action Type Old Value New Value
    Added Reference https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-detection-script
    Added Reference https://www.vicarius.io/vsociety/posts/cve-2025-29824-windows-common-log-file-system-driver-elevation-of-privilege-vulnerability-mitigation-script
  • Initial Analysis by [email protected]

    Apr. 11, 2025

    Action Type Old Value New Value
    Added CPE Configuration OR *cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19044.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.19045.5737 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.22621.5191 *cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* versions up to (excluding) 10.0.26100.3775 *cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.25398.1551 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22631.5191 *cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.22621.5191 *cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.20348.3454 *cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.17763.7137 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x32:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* versions up to (excluding) 10.0.14393.7970 *cpe:2.3:o:microsoft:windows_server_2008:*:sp1:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.23220 *cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* versions up to (excluding) 6.0.6003.23220 *cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* versions up to (excluding) 6.0.6003.23220 *cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* versions up to (excluding) 6.2.9200.25423 *cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* versions up to (excluding) 10.0.14393.7970
    Added Reference Type Microsoft Corporation: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29824 Types: Vendor Advisory
  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Apr. 09, 2025

    Action Type Old Value New Value
    Added Date Added 2025-04-08
    Added Due Date 2025-04-29
    Added Required Action Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    Added Vulnerability Name Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
  • New CVE Received by [email protected]

    Apr. 08, 2025

    Action Type Old Value New Value
    Added Description Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
    Added CVSS V3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-416
    Added Reference https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29824
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-29824 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-29824 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
© cvefeed.io
Latest DB Update: May. 20, 2025 9:38