Microsoft and cybersecurity agencies are urging immediate action to address a critical vulnerability in Windows NTFS (CVE-2025-24991) that enables attackers to extract sensitive data from systems. The flaw, an out-of-bounds read (CWE-125), allows attackers to trick users into mounting malicious virtual hard disks (VHDs), exposing kernel memory contents like cryptographic keys or cached credentials. With … Continue reading CISA Adds Windows NTFS Vulnerability in its Known Exploit Vulnerability Catalog