Microsoft has patched a vital zero-day vulnerability within the Home windows Desktop Window Supervisor (DWM) Core Library, tracked as CVE-2025-30400, which was actively exploited within the wild to grant attackers SYSTEM-level privileges on affected techniques.
The flaw, disclosed as a part of Microsoft’s Could 2025 Patch Tuesday, underscores the persistent dangers posed by privilege escalation bugs in extensively deployed Home windows elements.
CVE-2025-30400 is classed as an “Elevation of Privilege” vulnerability stemming from a “use-after-free” reminiscence corruption concern within the DWM Core Library.
This weak spot, cataloged beneath CWE-416, permits a certified attacker to execute code with SYSTEM privileges-the highest degree of entry on Home windows systems-by exploiting improper reminiscence administration throughout the DWM course of.
Based on Microsoft, the vulnerability might be leveraged regionally by an attacker who already has entry to the goal machine. Profitable exploitation allows the attacker to bypass normal safety boundaries, doubtlessly permitting them to put in malicious software program, modify system settings, or entry delicate information with out detection.
Exploitation and Influence
Microsoft confirmed that CVE-2025-30400 had been actively exploited earlier than a patch was made out there, making it a real zero-day menace.
Though the vulnerability was not publicly disclosed previous to patching, proof of exploitation was detected within the wild, prompting Microsoft to induce fast motion from customers and directors.
“Use after free in Home windows DWM permits a certified attacker to raise privileges regionally,” Microsoft acknowledged in its advisory. The corporate attributed the invention of this flaw to its personal Menace Intelligence Heart, highlighting the continuing efforts to observe and reply to rising threats.
Attackers exploiting this bug may achieve SYSTEM privileges, granting them full management over the compromised gadget. This degree of entry is especially harmful, because it permits for persistent and stealthy assaults that may evade conventional safety measures.
The repair for CVE-2025-30400 was launched on Could 13, 2025, as a part of a broader safety replace that addressed a complete of 72 to 83 vulnerabilities, together with 5 zero-days that had been actively exploited.
Microsoft categorized the severity of this vulnerability as “Necessary” and assigned it a CVSS rating of seven.8, reflecting its vital threat to enterprise and shopper techniques.
Safety consultants and Microsoft strongly suggest that every one Home windows customers and directors apply the newest updates instantly to mitigate the danger of exploitation. Organizations are additionally suggested to allow automated updates and evaluation safety insurance policies to make sure speedy deployment of vital patches.
The invention and patching of CVE-2025-30400 spotlight the continuing problem of securing advanced working system elements like Home windows DWM.
With attackers actively exploiting such vulnerabilities to realize SYSTEM privileges, well timed patching and vigilant safety practices stay important for safeguarding Home windows environments from subtle threats.
Vulnerability Assault Simulation on How Hackers Quickly Probe Web sites for Entry Factors – Free Webinar
