CVE-2025-29824 vulnerability in Microsoft Products
Published on April 8, 2025

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Vendor Advisory NVD

Known Exploited Vulnerability

This Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.

The following remediation steps are recommended / required by April 29, 2025: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

Products Associated with CVE-2025-29824

You can be notified by stack.watch whenever vulnerabilities like CVE-2025-29824 are published in these products:

Microsoft Windows Server 2012

Microsoft Windows 10

Microsoft Windows 11

Microsoft Windows Server 2025

Microsoft Windows 11 24h2

Microsoft Windows Server 2022 23h2

Microsoft Windows Server 2022

Microsoft Windows Server 2019

Microsoft Windows Server 2008

Microsoft Windows Server 2016

What versions are vulnerable to CVE-2025-29824?

Microsoft Windows Server 2012 Version r2
Microsoft Windows 10 1809 Fixed in Version 10.0.17763.7137 x32
Microsoft Windows 10 1809 Fixed in Version 10.0.17763.7137 x64
Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.5737 arm64
Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.5737 x32
Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.5737 x64
Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.5737 x32
Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.5737 arm64
Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.5737 x64
Microsoft Windows 11 22h2 Fixed in Version 10.0.22621.5191 arm64
Microsoft Windows Server 2025 Fixed in Version 10.0.26100.3775 x64
Microsoft Windows 11 24h2 Fixed in Version 10.0.26100.3775 x64
Microsoft Windows 11 24h2 Fixed in Version 10.0.26100.3775 arm64
Microsoft Windows Server 2022 23h2 Fixed in Version 10.0.25398.1551
Microsoft Windows 11 22h2 Fixed in Version 10.0.22631.5191 x64
Microsoft Windows 11 22h2 Fixed in Version 10.0.22621.5191 x64
Microsoft Windows Server 2022 Fixed in Version 10.0.20348.3454
Microsoft Windows Server 2019 Fixed in Version 10.0.17763.7137
Microsoft Windows 10 1607 Fixed in Version 10.0.14393.7970 x32
Microsoft Windows 10 1607 Fixed in Version 10.0.14393.7970 x64
Microsoft Windows Server 2008 Fixed in Version 6.0.6003.23220 sp1 x64
Microsoft Windows Server 2008 Fixed in Version 6.0.6003.23220 sp2 x32
Microsoft Windows Server 2008 Fixed in Version 6.0.6003.23220 sp2 x64
Microsoft Windows Server 2012 Fixed in Version 6.2.9200.25423
Microsoft Windows Server 2016 Fixed in Version 10.0.14393.7970

CVE-2025-29824 vulnerability in Microsoft ProductsPublished on April 8, 2025

Known Exploited Vulnerability

Vulnerability Analysis

Products Associated with CVE-2025-29824

What versions are vulnerable to CVE-2025-29824?

CVE-2025-29824 vulnerability in Microsoft Products
Published on April 8, 2025