PT-2025-42030 · Microsoft · Windows

Published: 2025-10-14 · Updated: 2025-12-16 · CVE-2025-55680

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Windows versions prior to October 2025

Description

A time-of-check time-of-use (TOCTOU) race condition exists in the Windows Cloud Files Mini Filter Driver. This condition allows a locally authorized attacker to elevate privileges. The issue stems from incorrect handling of file access checks during placeholder creation requests, specifically within the HsmFltProcessHSMControl, HsmFltProcessCreatePlaceholders, and HsmpOpCreatePlaceholders function calls. The vulnerability bypasses a previous patch addressing a similar issue reported in 2020. Exploitation involves manipulating the file path string to circumvent access control checks, enabling arbitrary file creation and potential system compromise. The vulnerability was discovered in March 2024 and addressed in October 2025.

Recommendations

Update Windows to the latest version released in October 2025 or later.

Fix

LPE

Race Condition

Time Of Check To Time Of Use


Weakness Enumeration

Related Identifiers

BDU:2025-13273
CVE-2025-55680

Affected Products

Windows