CVE-2025-24985 vulnerability in Microsoft Products

CVE-2025-24985 vulnerability in Microsoft Products
Published on March 11, 2025

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

Known Exploited Vulnerability

This Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code with a physical attack.

The following remediation steps are recommended / required by April 1, 2025: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

Products Associated with CVE-2025-24985

You can be notified by stack.watch whenever vulnerabilities like CVE-2025-24985 are published in these products:

What versions are vulnerable to CVE-2025-24985?

Microsoft Windows Server 2008 Version r2 sp1 x64

Microsoft Windows Server 2012 Version r2

Microsoft Windows Server 2012 Version -

Microsoft Windows Server 2008 Version - sp2 x64

Microsoft Windows Server 2008 Version - sp2 x86

Microsoft Windows 10 1507 Fixed in Version 10.0.10240.20947 x64

Microsoft Windows Server 2016 Fixed in Version 10.0.14393.7876

Microsoft Windows Server 2019 Fixed in Version 10.0.17763.7009

Microsoft Windows 11 24h2 Fixed in Version 10.0.26100.3476

Microsoft Windows 11 23h2 Fixed in Version 10.0.22631.5039

Microsoft Windows 11 22h2 Fixed in Version 10.0.22621.5039

Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.5608

Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.5608

Microsoft Windows 10 1809 Fixed in Version 10.0.17763.7009 x86

Microsoft Windows 10 1809 Fixed in Version 10.0.17763.7009 x64

Microsoft Windows 10 1607 Fixed in Version 10.0.14393.7876 x86

Microsoft Windows 10 1607 Fixed in Version 10.0.14393.7876 x64

Microsoft Windows 10 1507 Fixed in Version 10.0.10240.20947 x86

Microsoft Windows Server 2022 Fixed in Version 10.0.20348.3328

Microsoft Windows Server 2022 23h2 Fixed in Version 10.0.25398.1486 x64

Microsoft Windows Server 2025 Fixed in Version 10.0.26100.3476 x64

CVE-2025-24985 vulnerability in Microsoft ProductsPublished on March 11, 2025

Known Exploited Vulnerability

Vulnerability Analysis

Products Associated with CVE-2025-24985

What versions are vulnerable to CVE-2025-24985?

CVE-2025-24985 vulnerability in Microsoft Products
Published on March 11, 2025