CVE-2025-24983: Microsoft Windows Win32k Use-After-Free Vulnerability.
Microsoft Windows Win32k Use-After-Free Vulnerability. Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
- CISA KEV-listed (remediation due 2025-04-01)
- EPSS 1.8% (83.2% percentile)