Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Microsoft Patches Critical Zero-Day Exploited in Ransomware
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Microsoft Patches Critical Zero-Day Exploited in Ransomware

Highlights

  • Microsoft addressed 126 vulnerabilities, including a critical zero-day.

  • Storm-2460 exploited a Windows CLFS flaw in ransomware attacks.

  • Prompt patching is essential to protect against these security threats.

Samantha Reed
Last updated: 9 April, 2025 - 1:50 am 1:50 am
Samantha Reed 3 months ago
Share
SHARE

Microsoft has released a comprehensive security update addressing 126 vulnerabilities across its systems and key products. Among these, a critical zero-day flaw in the Windows Common Log File System (CLFS) has been actively exploited by the cybercriminal group Storm-2460. This update comes as organizations worldwide face increasing ransomware threats, highlighting the importance of timely software patching.

Contents
How Did Storm-2460 Exploit the Zero-Day Vulnerability?What Are the Potential Consequences of the CLFS Vulnerability?Why Are CLFS Vulnerabilities Frequently Targeted by Ransomware Operators?

Recent reports indicate a rise in the exploitation of elevation of privilege vulnerabilities within Microsoft’s CLFS, a trend that Microsoft’s latest patch aims to counter. Compared to previous security updates, this month marks a significant increase in the number of vulnerabilities addressed, reflecting the escalating tactics employed by threat actors to compromise systems.

How Did Storm-2460 Exploit the Zero-Day Vulnerability?

Storm-2460 utilized CVE-2025-29824 to initiate ransomware attacks by deploying PipeMagic malware. The group targeted a diverse range of organizations, including those in the IT and real estate sectors in the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in Saudi Arabia. This exploitation allowed the attackers to escalate privileges and gain extensive control over affected systems.

What Are the Potential Consequences of the CLFS Vulnerability?

“CVE-2025-29824 is significant because it affects a core component of Windows, impacting a wide range of environments, including enterprise systems and critical infrastructure,”

stated Mike Walters, president and co-founder at Action1. Exploiting this vulnerability enables attackers to install malware, modify system files, disable security features, and access sensitive data, leading to full system compromise and lateral movement within networks.

Why Are CLFS Vulnerabilities Frequently Targeted by Ransomware Operators?

“Elevation of privilege flaws in CLFS have become especially popular among ransomware operators over the years,”

stated Satnam Narang, senior staff research engineer at Tenable. These vulnerabilities allow threat actors to escalate their access levels seamlessly, facilitating the widespread deployment and detonation of ransomware within compromised environments.

Addressing these vulnerabilities is crucial for maintaining the security and integrity of affected systems. Organizations are advised to promptly apply the latest patches and continuously monitor their networks for potential threats. Implementing robust security measures and staying informed about current vulnerabilities can help mitigate the risks posed by such cyberattacks.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

Cloudflare Lets Websites Set Fees for AI-Crawling Bots

AT&T Launches Wireless Account Lock to Block SIM-Swapping Attacks

US Authorities Target North Korean IT Worker Schemes and Make Arrest

Hacker Tracks FBI Agent, Cartel Targets Witnesses in El Chapo Case

Cambodian Scam Compounds Trap Victims in Forced Labor, Amnesty Finds

Share This Article
Facebook Twitter Copy Link Print
Samantha Reed
By Samantha Reed
Samantha Reed is a 40-year-old, New York-based technology and popular science editor with a degree in journalism. After beginning her career at various media outlets, her passion and area of expertise led her to a significant position at Newslinker. Specializing in tracking the latest developments in the world of technology and science, Samantha excels at presenting complex subjects in a clear and understandable manner to her readers. Through her work at Newslinker, she enlightens a knowledge-thirsty audience, highlighting the role of technology and science in our lives.
Previous Article FBI Responds to Tesla Supercharger Bombing in Washington
Next Article Deep Cogito Releases Open LLMs Outperforming Competitors

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Robotics Leaders Expand Industrial and Service Robot Capabilities in 2025
Robotics
Meta Attracts AI Talent as Researchers Depart Rivals
AI Technology
Tesla Analysts Predict Musk and Trump Resolve Public Dispute
Electric Vehicle
Agtonomy and Captron Lead New Advances in Smart Agriculture
AI Robotics
Tesla Responds to Executive Exit as Musk Directs Global Sales
Electric Vehicle
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?