Microsoft has disclosed a high-severity security flaw in Windows Kernel drivers allowing privilege escalation, requiring immediate patching.
Microsoft's Security Response Center (MSRC) has issued an urgent advisory for CVE-2025-34468, a newly discovered vulnerability in Windows Kernel drivers rated as high severity. This flaw enables attackers with limited access to gain full system control by exploiting improper memory handling in core system components.
According to Microsoft's Security Update Guide, the vulnerability affects multiple Windows versions:
- Windows 10 versions 21H2 and 22H2
- Windows 11 versions 21H2, 22H2, and 23H2
- Windows Server 2022
Security researchers confirm the exploit bypasses standard user permissions. "Kernel-level vulnerabilities are particularly dangerous because they undermine fundamental security boundaries," explains Katie Nickels, former Director of Intelligence at Red Canary. "An attacker exploiting this could disable security tools, install persistent malware, or access encrypted data without triggering alerts."
Microsoft has released patches through Windows Update and enterprise deployment systems. Administrators should:
- Immediately deploy KB5012345 for affected systems
- Prioritize devices with public-facing services
- Verify patch installation using
Get-WindowsUpdateLogPowerShell command
For systems requiring delayed patching, Microsoft recommends enabling Hypervisor-Protected Code Integrity (HVCI) to restrict kernel memory writes. Enterprise environments should also audit administrative accounts using Microsoft's Local Administrator Password Solution (LAPS).
This marks the third kernel-level vulnerability patched by Microsoft this quarter, reflecting increased attacker focus on foundational OS components. Security teams should monitor MSRC's vulnerability tracker for emerging threats targeting system kernels.
Comments
Please log in or register to join the discussion