—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Privilege Escalation Vulnerability in Windows Cloud Files Mini Filter Driver 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: MEDIUM

Software Affected

Windows Cloud Files Mini Filter Driver

Overview

A vulnerability has been reported in Windows Cloud Files Mini Filter Driver, which could be exploited by an attacker to escalate privileges on the targeted system.

Target Audience:

All end-user organizations and individuals using Microsoft Cloud Files Mini Filter Driver.

Impact Assessment:

Potential for Privilege Elevation.

Description

A use after free vulnerability exists in Microsoft Windows Cloud Files Mini Filter Driver. An attacker with local access could exploit the flaw to interfere with access control or influence file state transitions managed by the driver on to the targeted system.

Successful exploitation of this vulnerability could allow the attacker escalation of privileges on the targeted system.

Solution

Apply the security updates released by Microsoft:

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-62221

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-62221

References

 

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-62221

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-62221

CVE Name

CVE-2025-62221

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmk8H0gACgkQ3jCgcSdc

ys84HRAAlSUadRv+bOcFxeUlHxy1pKX//nmL00+tiSlYFefxz/Q+Bz6wFW9talMm

7vNyzDeS+gU5DuZOu6O0bvKuRI4q5iZgNbGSV3jzm8wqdRh1yDQQrB1APU4MgBP3

3T3gnoXoP0GaI6zSxWFQ42CoOFMetHfIll9vTPNSILkCLwk9PG3txBIfLWJ6Fk6i

45VCTrDm0NVHbxVuMqmn4WUT0mPqYCzh4l99sIpvViH3Q07vftWEv6ZX6NKNJg3W

5X0kFJ3A2YWHhDhMm20FQqA3Hfzpns761odf23hGGEw5+2NsceEeWxYItMNudn3M

YjWZ4gCWuGnFL5avg8XelcQhFT5GbUmJ7jYI5yaNd8nc63yym0K6MpiRwfla9SDZ

X4ZXEszJO1FOlDN9/h93FDX91mDtYiTBUyjAFQiOuspGhwz4CwquQVIshPfbGHzh

PqM0eyxD0/nMShfQONGBFdoUA1x7pMqMW/lGVt9C10x4N3UNVs9SDZsvwKa7UNA/

6pxq1ztqrbu1YbUix/wgJTQMfMOSzy/AQE66Uqmj4nUV/rhZN1h5bLwR+Hix7qz1

zxuqwM1gfLTL0E4g11Qh9I8pTclwMYiOigxjJ2OqfhsWtIFHAHEHdjUYKG9x6EoO

hiMzneGlukbB3oy7QfCsyN+gRTKIkeMUKdOBO4VxtuPnL9KqfG8=

=Ifwc

—–END PGP SIGNATURE—–