CVE-2025-24044
win32k.sys — use-after-free allows elevation of privilege
Summary
| Field | Value |
|---|---|
| Driver | win32k.sys (Win32 Kernel Subsystem) |
| Vulnerability Class | Use-After-Free |
| CVSS | 7.8 |
| Exploited in the wild (ITW) | No |
| Patch Date | March 11, 2025 |
Root Cause
The Win32 Kernel Subsystem mismanages the lifetime of a graphical object. A freed object is dereferenced through a stale pointer during subsequent window operations.
Exploitation
The attacker triggers the UAF through a sequence of window management operations. Heap spraying reclaims the freed memory, and the stale dereference then gives the attacker kernel code execution, which is used to escalate to SYSTEM.
Exploitation Primitive
Window operation sequence → UAF → heap reclaim → stale dereference → SYSTEM