Security News > 2025 > April > Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
2025-04-13 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the … More → The post Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2025/04/13/week-in-review-microsoft-patches-exploited-windows-clfs-0-day-winrar-motw-bypass-flaw-fixed/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-29824 Use After Free vulnerability in Microsoft products
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-04-03 CVE-2025-31334 Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. 0.0
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 392 52 1467 2976 183 4678