Home Microsoft CVE-2025-24985
CRITICAL: THIS VULNERABILITY IS ACTIVELY BEING EXPLOITED IN THE WILD (CISA KEV CATALOG)
Back to Microsoft

CVE-2025-24985

Exploited

Target: Windows - Fast FAT Driver

Microsoft CVSS 7.8 Updated March 10, 2026
Threat Level HIGH

Executive Risk Summary

"An integer overflow or wraparound vulnerability in the Windows Fast FAT Driver allows an unauthorized attacker to execute code locally, potentially leading to a complete system compromise. This vulnerability poses a significant risk to Windows systems, as it can be exploited by an attacker to gain elevated privileges and execute malicious code."

Operational Audit Arsenal

Target Type Driver
Target Asset Fast FAT Driver
Standard Path Windows File System
PowerShell 
# 🛠️ Senior Engineer Universal Audit
# Target: Fast FAT Driver (Driver)
$Target = "Fast FAT Driver"
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")

Get-ChildItem -Path $SearchPaths -Filter $Target -Recurse -ErrorAction SilentlyContinue | 
Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}

Patch Impact Forecast

Reboot Required Required
Service Disruption

Moderate

Internal Work Notes

Recommend immediate patching of affected systems to mitigate the risk of code execution, and monitor for any suspicious activity related to the Fast FAT Driver.

Intelligence Sources

Microsoft Security Response Center https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24985
Official Advisory https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-detection-script
Official Advisory https://www.vicarius.io/vsociety/posts/cve-2025-24985-integer-overflow-vulnerability-in-microsoft-windows-fast-fat-driver-mitigation-script
CISA KEV Catalog https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24985

Scope of Impact

Windows Server 2022 23H2 Windows 10 1809 Windows Server 2008 (Version r2) Windows 11 24H2 Windows 10 22H2 Windows Server 2012 (Version r2) Windows Server 2016 Windows Server 2008 Windows Server 2012 Windows Server 2025 Windows 11 22H2 Windows 10 21H2 Windows 10 1607 Windows Server 2019 Windows 11 23H2 Windows 10 1507 Windows Server 2022

Original NVD Description

"Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally."

Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.