Rapid Exploitation of Microsoft and Apple Vulnerabilities Highlights Urgency for Prompt Patching
In a stark reminder of how quickly the threat landscape moves, recently patched vulnerabilities in Microsoft and Apple products were exploited by threat actors within days of disclosure, underlining the need for prompt patching and proactive security measures.

Microsoft's CVE-2025-24054 Exploited Within Days

On March 11, 2025, Microsoft released its Patch Tuesday updates, addressing various security flaws including CVE-2025-24054, an NTLM hash disclosure (spoofing) vulnerability in Windows. Microsoft initially rated it "Exploitation Less Likely", yet attackers were exploiting it in the wild within just eight days.

The observed campaign used phishing emails pointing to malicious ZIP archives hosted on Dropbox. Interacting with a file from the archive triggered the vulnerability: Windows initiated an outbound NTLM authentication to an attacker-controlled server, which captured the user's Net-NTLMv2 response. The leaked value is a challenge-response, not the NT password hash itself, so it cannot be passed directly; but because the attacker's server chose the challenge, it can be brute-forced offline to recover the password, or relayed to internal services that do not enforce signing, potentially granting unauthorized access. Notably, the captured responses were sent to an IP address previously associated with the Russian-linked APT28 group, though no direct attribution has been confirmed.

Apple's Immediate Response to Zero-Day Exploits

Around the same time, Apple patched two zero-day vulnerabilities with the release of iOS 18.4.1 and iPadOS 18.4.1. Apple credited the discovery to its internal teams and Google's Threat Analysis Group, highlighting the collaborative effort needed to identify and mitigate such threats.

Implications for Small and Medium Enterprises (SMEs)

These incidents underscore the shrinking window between public disclosure and active exploitation. For SMEs, this trend necessitates:

At Blue Eclipse Ltd, we specialize in helping SMEs navigate these challenges, offering tailored solutions to strengthen their cybersecurity posture.

For further details on these vulnerabilities, refer to the original reports from The Register and BleepingComputer.