Malicious entities have been taking advantage of a security flaw in Paragon Partition Manager’s BioNTdrv.sys driver during ransomware incidents to elevate privileges and run unauthorized code.
The undisclosed vulnerability (CVE-2025-0289) is included in a group of five weaknesses identified by Microsoft, as stated by the CERT Coordination Center (CERT/CC).
“These encompass arbitrary kernel memory mapping and