Ethical Hacking News
Microsoft's Patch Tuesday has brought a slew of fixes for over 120 vulnerabilities, but leaves Windows 10 vulnerable to an exploited bug. The latest CVE-2025-29824 is a critical EoP hole in the Windows Common Log File System Driver that is already being exploited by a group known as Storm-2460.
Microsoft's Patch Tuesday has released patches for over 120 vulnerabilities in its products. A notable vulnerability, CVE-2025-29824, is an elevation of privilege (EoP) hole in the Windows Common Log File System Driver that allows remote code execution (RCE). The flaw affects all versions of Windows Server up to 2025 and Windows 10 and 11. Windows Server and Windows 11 have been patched, but Windows 10 awaits a fix.
Microsoft's Patch Tuesday has arrived once again, bringing a slew of fixes for over 120 vulnerabilities in its various products. Among the most notable of these is CVE-2025-29824, an elevation of privilege (EoP) hole in the Windows Common Log File System Driver that is already being exploited by a group known as Storm-2460. This group uses the bug to deliver ransomware it's dubbed PipeMagic, which has been found in the US, Spain, Venezuela, and Saudi Arabia.
The flaw, rated 7.8 on the CVSS scale, allows an attacker to elevate privileges up to system level through a use-after-free flaw in the aforementioned driver. The issue affects all versions of Windows Server up to 2025 and Windows 10 and 11. Windows Server and Windows 11 have been patched, but Windows 10 awaits a fix.
"The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information," Redmond wrote, regarding patches for Windows 10.
This appears to be a common problem this month, with many of the patches excluding Windows 10 for the moment. We've asked Microsoft for clarification on release dates and what the issue is. Windows 10 is approaching end of life but it's not there yet.
All of the critical flaws allow remote code execution (RCE). Three impact Office, and two target Excel, LDAP, and Remote Desktop. A summary of the most serious holes in this month's patch batch, courtesy of Trend Micro's Zero Day Initiative, is below in table form.
| CVE | Title | Severity | CVSS | Public | Exploited | Type |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2025-29824 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | Yes | EoP |
Related Information:
https://www.ethicalhackingnews.com/articles/Microsofts-Patch-Tuesday-Brings-120-Fixes-but-Leaves-Windows-10-Vulnerable-to-Exploited-Bug-ehn.shtml
Published: Tue Apr 8 19:11:55 2025 by llama3.2 3B Q4_K_M