Ransomware Alert: Paragon Driver Flaw Opens the Door to Cyber Mayhem
Microsoft warns that ransomware gangs are exploiting a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw. This vulnerability allows attackers to gain SYSTEM-level access, surpassing administrator permissions. Both Microsoft and Paragon Software have patched the flaw, so remember to update your software—unless you want to give hackers a free pass to your system.

Hot Take:
Looks like ransomware gangs have found a new plaything in the Paragon Partition Manager’s driver, using it to exploit systems faster than you can say “Blue Screen of Death.” If drivers were cars, this one would be driving itself straight to the dark web!

Key Points:
- Microsoft has identified five vulnerabilities in the Paragon Partition Manager’s BioNTdrv.sys driver.
- One of these vulnerabilities, CVE-2025-0289, is being actively exploited by ransomware gangs for SYSTEM-level access.
- The flaws allow attackers to escalate privileges beyond typical administrator rights.
- Paragon Software and Microsoft have released patches to address these vulnerabilities.
- Users are advised to update Paragon Partition Manager and enable Windows’ Vulnerable Driver Blocklist.
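
One way to verify both recommendations on a Windows host, as an added example that is not part of the original article: it reads the registry value behind the Vulnerable Driver Blocklist toggle and lists every copy of BioNTdrv.sys with its version and signature. The function names and search roots are assumptions; the article gives no patched version number, so compare the reported version against Paragon's own advisory.

```powershell
# Added example, not from the article. Run in an elevated PowerShell session.

function Get-DriverBlocklistState {
    # Registry value behind the "Microsoft Vulnerable Driver Blocklist" toggle
    # (Windows Security > Device security > Core isolation).
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config'
    $prop = Get-ItemProperty -Path $key -Name 'VulnerableDriverBlocklistEnable' -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return 'NotConfigured' }   # value absent: OS default applies
    if ($prop.VulnerableDriverBlocklistEnable -eq 1) { 'Enabled' } else { 'Disabled' }
}

function Find-BioNTdrv {
    param(
        # Search roots are an assumption; add other volumes or install paths as needed.
        [string[]]$Roots = @("$env:SystemRoot\System32\drivers", $env:ProgramFiles, ${env:ProgramFiles(x86)})
    )
    $existing = $Roots | Where-Object { $_ -and (Test-Path -LiteralPath $_) }
    if (-not $existing) { return }
    Get-ChildItem -Path $existing -Filter 'BioNTdrv.sys' -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                Path            = $_.FullName
                FileVersion     = $_.VersionInfo.FileVersion
                SignatureStatus = $sig.Status
                Signer          = $sig.SignerCertificate.Subject
                SHA256          = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
}

function Get-BioNTdrvService {
    # Kernel driver services whose image path points at the driver, with current state.
    Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.PathName -like '*BioNTdrv.sys' } |
        Select-Object Name, State, StartMode, PathName
}

"Vulnerable Driver Blocklist: $(Get-DriverBlocklistState)"
$copies = @(Find-BioNTdrv)
if ($copies.Count -eq 0) {
    'No BioNTdrv.sys found under the searched roots.'
} else {
    $copies | Format-List
    Get-BioNTdrvService | Format-Table -AutoSize
}
```

A `NotConfigured` result means the registry value is absent and the operating system default is in effect, so confirm the toggle in Windows Security as well.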