

Ethical Hacking News

MICROSOFT Patches Windows Kernel Zero-Day Exploit After March 2023 Discovery


Microsoft patches Windows Kernel zero-day exploit after March 2023 discovery. The patch addresses a use-after-free weakness that allows attackers with low privileges to gain SYSTEM privileges without requiring user interaction.

  • Microsoft released security updates as part of its Patch Tuesday initiative addressing a zero-day vulnerability in the Windows Win32 Kernel Subsystem.
  • The vulnerability, CVE-2025-24983, is a use-after-free weakness that allows attackers with low privileges to gain SYSTEM privileges without requiring user interaction.
  • The patch was released during this month's Patch Tuesday and includes fixes for six zero-day vulnerabilities.
  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added all six zero-days to its Known Exploited Vulnerabilities Catalog, ordering Federal Civilian Executive Branch (FCEB) agencies to secure their systems by April 1st.



    Microsoft has recently released security updates as part of its Patch Tuesday initiative, addressing a zero-day vulnerability in the Windows Win32 Kernel Subsystem that has been exploited by attackers since March 2023. The vulnerability, tracked as CVE-2025-24983, is a use-after-free weakness that allows attackers with low privileges to gain SYSTEM privileges without requiring user interaction.

    According to Sergiu Gatlan, a news reporter who has covered the latest cybersecurity and technology developments for over a decade, the patch was released during this month's Patch Tuesday. The security flaw was reported by Filip Jurčacko, a researcher at Slovak cybersecurity company ESET, who warned that successful exploitation of the vulnerability requires winning a race condition, making it a high-complexity attack.

    ESET stated that the exploit targeting the CVE-2025-24983 vulnerability was "first seen in the wild" on systems backdoored using PipeMagic malware. The PipeMagic backdoor is a piece of malicious software that can be used to harvest sensitive data, provide attackers with full remote access to infected devices, and deploy additional malicious payloads.

    The PipeMagic backdoor was discovered by Kaspersky in 2022 and has been linked to several ransomware attacks since then. In one notable incident, the malware was used to exploit another Windows zero-day vulnerability, a privilege escalation flaw in the Common Log File System Driver tracked as CVE-2023-28252.

    In addition to the kernel flaw exploited on PipeMagic-backdoored systems, Microsoft's Patch Tuesday release also includes fixes for five other zero-day vulnerabilities:

    * CVE-2025-24984: Windows NTFS Information Disclosure Vulnerability
    * CVE-2025-24985: Windows Fast FAT File System Driver Remote Code Execution Vulnerability
    * CVE-2025-24991: Windows NTFS Information Disclosure Vulnerability
    * CVE-2025-24993: Windows NTFS Remote Code Execution Vulnerability
    * CVE-2025-26633: Microsoft Management Console Security Feature Bypass Vulnerability

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added all six zero-days to its Known Exploited Vulnerabilities Catalog, ordering Federal Civilian Executive Branch (FCEB) agencies to secure their systems by April 1st.

    "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA warned. "Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice."





  • Published: Wed Mar 12 14:17:10 2025 by llama3.2 3B Q4_K_M












