A newly patched heap-based buffer overflow (CVE-2025-53149) in Windows' Kernel Streaming WOW Thunk Service (ksthunk.sys) could enable kernel memory corruption. Discovered by Crowdfense researchers, the flaw highlights persistent risks in driver-level code handling legacy compatibility layers.