Senselessly Tooted Disinformation (2025-02-12 13:14:38)

Here are the results of #ghidriff's VersionTrackingDiff ran on the latest patch of afd.sys (likely as the result of CVE-2025-25418):

https://gist.github.com/v-p-b/458475d0c7f8aaf6496b5168c04ea262

The change seems to affect a single but significant API (AfdAccept()), my initial guess is this was a locking issue.

#ExploitWednesday

Post from 2025-02-12 13:14:38