Attackers are currently targeting Windows 10, 11, and various Windows server versions, exploiting vulnerabilities that could grant them system rights. Administrators are urged to ensure that Windows Update is active to keep their systems secure.
One notable vulnerability identified as CVE-2025-29824, classified as "high," affects the protocol file system driver. Currently, there isn’t much detailed information available about this vulnerability, except that it may allow locally authenticated attackers to gain elevated system privileges. Given that it’s a memory corruption issue (specifically, a use-after-free vulnerability), attackers might exploit it through specific inputs to execute malicious code and compromise entire systems. As per Microsoft, patches for Windows 10 (both 32-bit and 64-bit) have not been issued yet, and the timeline for their release remains uncertain.
Additional critical vulnerabilities also exist across various Microsoft products. These include risks in Excel (CVE-2025-27752), Hyper-V (CVE-2025-27491), and Windows Remote Desktop Services (CVE-2025-27480). In the case of Remote Desktop Services, attackers only need to connect to a vulnerable system and trigger a race condition to install malicious software. Updates for Hyper-V within Windows 10 are expected to be released at a later date.
Patches are also available for Office, SharePoint, and Windows Defender, through which attackers may access sensitive information, induce denial of service (DoS) conditions, or obtain higher user rights. For comprehensive details on these vulnerabilities and their patches, users can refer to the Microsoft Security Update Guide.
It’s crucial for users and IT professionals to remain vigilant and promptly apply updates as they become available.