Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a newly discovered zero-day vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. Microsoft released security updates to address the vulnerability, tracked as CVE 2025-29824, on April 8, 2025.
The post Exploitation of CLFS zero-day leads to ransomware activity appeared first on Microsoft Security Blog.
This article has been indexed from Microsoft Security Blog