One of the zero-day vulnerabilities, CVE-2025-24983, is a use-after-free memory corruption in the Win32 kernel subsystem that can lead to privilege escalation. The flaw was reported to Microsoft by researchers from antivirus software ESET. The ESET researchers said the exploit was first seen in the wild in 2023, when it was deployed on computers through a backdoor program dubbed PipeMagic.
-– bonitas non est pessimis esse meliorem –-
