The offensive research team of the big data analysis artificial intelligence (AI) corporation S2W recently announced on the 10th that it had captured a zero-day vulnerability in the Windows Common Log File System (CLFS) driver.
The recently discovered zero-day "CVE-2025-32713" is a vulnerability that occurs due to improper memory management in the CLFS driver. It can be exploited to take over system privileges and is classified as a serious security threat.
A representative from S2W said, "All Windows products that have not received cumulative updates since June this year are exposed to this vulnerability, so special caution is required," adding, "We recommend updating to the latest version."
A zero-day refers to a security vulnerability that is not known to the developer, and it is derived from the meaning that there is no time to apply a patch after the vulnerability has been discovered.
Kim Seung-hwa, the tech leader of the offensive research team at S2W who first reported this vulnerability to Microsoft (MS), noted, "We will continue to enhance our research on potential attack vulnerabilities and strengthen threat intelligence to proactively detect and deeply analyze key vulnerabilities at a company-wide level."