Windows Recall Threat Assessment & PoC Guide
Version: 13 | Date: 2025‑04‑25 | Author: <Neo / @HaittaNeo>
Why You Should Care 🧐 (Two‑minute version)
Recall is a Windows 11 feature that screenshots your display every three seconds, runs OCR/AI over each image, and files the results into a
This is just an assessment for a cybersecurity job. This application is intentionally insecure. Use strictly within controlled, local testing environments.
Vulnerable Flask App - Security Vulnerability Assessment Demo
Overview
This project demonstrates a deliberately vulnerable Flask-based web application
It simulates real-world coding mistakes that commonly lead to exploitation, covering critical OWASP Top 10 vulnerabilities and cloud misconfigurations
Disclaimer:
This application is intentionally insecure
Do not deploy it in
Play ransomware exploited Windows logging flaw in zero-day attacks By Sergiu Gatlan May 7, 2025 10:45 AM The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. The vulnerability, tracked as CVE-2025-29824, was tagged by Microsoft as exploited in a limited number of attacks and patched during last month's Patch Tuesday. "The targets include organizations in the infor...
Microsoft: Windows CLFS zero-day exploited by ransomware gang By Sergiu Gatlan April 8, 2025 03:05 PM Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. The vulnerability, tracked as CVE-2025-29824, was patched during this month's Patch Tuesday and was only exploited in a limited number of attacks. CVE-2025-29824 is due to a use-after-free weakness that lets local at...
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws By Lawrence Abrams April 8, 2025 01:50 PM Today is Microsoft's April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday also fixes eleven "Critical" vulnerabilities, all remote code execution vulnerabilities. The number of bugs in each vulnerabi...
A novel way to encourage upgrades? Microsoft would never stoop so low
Patch Tuesday has arrived, and Microsoft has revealed one flaw in its products under active exploitation and 11 critical issues in its code to fix. Redmond delivered fixes for more than 120 flaws this month; none are rated with a CVSS severity score of nine or higher. The one that deserves most attention is CVE-2025-29824, an elevation of privilege (EoP) hole in the Windows Common Log File System Driver, because it is already being exploited. In a separate note, Microsoft explained...
Can't Redmond ask its whizz-bang Copilot AI to fix it? GitHub's boast that Copilot produces high-quality code challenged
Updated Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using Windows Hello. The patch bundle released yesterday is going to cause problems for a specific subset of users who are running either System Guard Secure Launch or Dynamic Root of Trust for Measurement (DRTM) on Windows 11 and Server 2025. If that's you, it's possible you'll need to reset your login PIN or biometrics in Hello in order to actually login an...