Microsoft Confirms Zero-Day Exploitation of CVE-2025-29824 Vulnerability

Microsoft has confirmed the zero-day exploitation of the CVE-2025-29824 vulnerability, a privilege escalation (EoP) flaw in the Common Log File System (CLFS) of Windows. This vulnerability allowed attackers to gain SYSTEM privileges through memory corruption techniques. Patched in the April 2025 security update, this flaw has been used in ransomware campaigns targeting entities in strategic sectors, including IT organizations in the United States, the financial sector in Venezuela, and companies in Saudi Arabia.