Windows Agere Modem driver active zero-day (CVE-2025-24990)
Vulnerability
Summary
Hide ▲
Show ▼
CVE-2025-24990 is an actively exploited zero-day in the Agere Modem driver bundled with Windows for years, and Microsoft responded by removing the vulnerable driver. The flaw affects Windows systems with the bundled third-party modem driver and was addressed in October 2025 as part of Patch Tuesday.
Related Happenings
Microsoft adds Cloud-Initiated Driver Recovery for Windows Update driver rollbacks
Security Tool/Service
First: 15.05.2026 15:29
Last: 15.05.2026 15:29
Sources 1
About this happening:
Microsoft is adding **Cloud-Initiated Driver Recovery** to **Windows Update**, giving it a remote rollback control for **problematic Windows drivers**. The capability reduces how...
Microsoft adds Cloud-Initiated Driver Recovery for Windows Update driver rollbacks
Security Tool/ServiceAbout this happening: Microsoft is adding **Cloud-Initiated Driver Recovery** to **Windows Update**, giving it a remote rollback control for **problematic Windows drivers**. The capability reduces how...
Cloud Software Group NetScaler urgent remediation advisory
Advisory/Mitigation
First: 25.03.2026 17:52
Last: 25.03.2026 17:52
Sources 1
About this happening:
**Cloud Software Group** issued urgent remediation guidance for **NetScaler ADC** and **NetScaler Gateway**, telling affected customers to install updated versions as soon as poss...
Cloud Software Group NetScaler urgent remediation advisory
Advisory/MitigationAbout this happening: **Cloud Software Group** issued urgent remediation guidance for **NetScaler ADC** and **NetScaler Gateway**, telling affected customers to install updated versions as soon as poss...
EDR killer abusing EnPortv.sys to disable 59 security tools
Malware Activity
First: 04.02.2026 16:17
Last: 04.02.2026 16:17
Sources 1
About this happening:
A custom **EDR killer** abused **EnPortv.sys** to disable endpoint security tools on infected Windows hosts, creating a window for follow-on intrusion activity. The 64-bit executa...
EDR killer abusing EnPortv.sys to disable 59 security tools
Malware ActivityAbout this happening: A custom **EDR killer** abused **EnPortv.sys** to disable endpoint security tools on infected Windows hosts, creating a window for follow-on intrusion activity. The 64-bit executa...
Windows 10 Agere modem drivers actively exploited elevation-of-privileges privilege-escalation flaw
Vulnerability
First: 13.01.2026 20:56
Last: 13.01.2026 20:56
Sources 1
About this happening:
An **actively exploited elevation-of-privileges flaw** in **built-in Agere modem drivers** exposed **Windows 10** systems to privilege escalation risk until **KB5073724** was inst...
Windows 10 Agere modem drivers actively exploited elevation-of-privileges privilege-escalation flaw
VulnerabilityAbout this happening: An **actively exploited elevation-of-privileges flaw** in **built-in Agere modem drivers** exposed **Windows 10** systems to privilege escalation risk until **KB5073724** was inst...
Microsoft Windows 11 WSL VPN connectivity disruption
Service Disruption
First: 15.12.2025 16:34
Last: 15.12.2025 16:34
Sources 1
About this happening:
Recent **Windows 11 security updates** are disrupting **VPN connectivity** for **Windows Subsystem for Linux (WSL)** users in enterprise environments, blocking access to **corpora...
Microsoft Windows 11 WSL VPN connectivity disruption
Service DisruptionAbout this happening: Recent **Windows 11 security updates** are disrupting **VPN connectivity** for **Windows Subsystem for Linux (WSL)** users in enterprise environments, blocking access to **corpora...
Timeline
-
15.10.2025 01:57 3 articles · 7mo ago
Microsoft discloses and removes CVE-2025-24990 Agere Modem zero-day
Initial DisclosureMicrosoft released 172 security updates in October Patch Tuesday and identified CVE-2025-24990 as an actively exploited zero-day in the bundled Agere Modem driver affecting Windows systems. Microsoft also removed the vulnerable driver from Windows after active attacks were observed.
Show sources
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Patch Tuesday, October 2025 ‘End of 10’ Edition — krebsonsecurity.com — 15.10.2025 01:57
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped — thehackernews.com — 15.10.2025 12:23