Microsoft · Kernel Streaming Wow Thunk Service Driver · CVE-2025-53149
**Name of the Vulnerable Software and Affected Versions**
Windows Kernel Streaming WOW Thunk Service Driver versions prior to a patch released in September 2025
**Description**
A heap-based buffer overflow exists in the Windows Kernel Streaming WOW Thunk Service Driver (`ksthunk.sys`). This issue allows an authorized attacker to elevate privileges locally, potentially gaining SYSTEM-level access. The vulnerability is related to a buffer overflow in dynamically allocated memory within the driver. Exploitation of this issue can allow an attacker to affect the system.
**Recommendations**
Apply the patch released in September 2025 to address the vulnerability.