Microsoft’s March 2025 Patch Tuesday update addressed a critical NTFS information disclosure vulnerability (CVE-2025-24984) actively exploited by attackers. With a CVSS score of 4.6, this flaw allows attackers with physical access to a device to insert a malicious USB drive, triggering unintended logging of sensitive heap memory data into system logs. While not yet linked … Continue reading CISA Issues Alert on Windows NTFS Vulnerability Exploits in Data Theft