Microsoft Patches Critical Privilege Escalation Flaw in Brokering File System

Critical Vulnerability in Microsoft’s Brokering File System Allows Privilege Escalation

Microsoft has recently addressed a significant security flaw in its Brokering File System (BFS) driver, identified as CVE-2025-29970. This vulnerability, classified as a use-after-free (UAF) issue, enables local attackers to escalate their privileges on Windows systems that run isolated or sandboxed applications. Such a flaw is particularly concerning for enterprise environments that rely on these security features to protect sensitive operations.

Understanding the Brokering File System (BFS):

The BFS driver, known as bfs.sys, is integral to Microsoft’s sandbox mechanisms, including Windows AppContainer and AppSilo. These technologies are designed to isolate Win32 applications, thereby enhancing system security by restricting the applications’ access to system resources. BFS manages file, pipe, and registry operations for these isolated applications, making it a critical component in maintaining the integrity of the sandbox environment.

Details of the Vulnerability:

The root cause of CVE-2025-29970 lies in improper memory management within the BFS’s DirectoryBlockList deallocation logic. Specifically, the vulnerable code deallocates the head of a linked list while still iterating through its remaining entries. This oversight creates a classic use-after-free condition, where the system attempts to access memory that has already been freed, leading to potential exploitation.

The vulnerability is triggered when policy entries are removed via the BfsProcessDeletePolicyEntryRequest IOCTL. During this process, the flawed deallocation can be exploited by attackers to manipulate freed memory structures, potentially leading to arbitrary code execution or system crashes.

Exploitation Requirements and Impact:

To successfully exploit this vulnerability, an attacker must meet specific conditions:

– Impersonation: The attacker needs to impersonate a process with AppSilo token capabilities.

– Policy Entry Manipulation: The attacker must create policy entries within the system and repeatedly trigger removal operations to force the reclamation of freed memory.

Testing has shown that only processes running at a Medium Integrity Level can access the BFS device, which somewhat limits the scope of potential exploitation. However, this does not eliminate the risk entirely. The attack sequence involves impersonating a low-box token, creating temporary files in isolated application directories, and executing rapid IOCTL-based add-remove cycles.

Immediate system crashes were not observed, owing to the allocator's reuse patterns, but sustained exploitation reliably triggers a fatal system error (bug check 0x00000050) in bfs.sys. This indicates that the vulnerability poses a significant threat to systems utilizing Windows sandbox features, especially in enterprise environments that deploy isolated applications for enhanced security.

Microsoft’s Response and Recommendations:

Microsoft has addressed this vulnerability by releasing patches in January 2025. The update includes a dedicated BfsCloseRootDirectory function, ensuring that the list head is deallocated only after all entries have been processed, thereby mitigating the use-after-free condition.
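To make the defect described above and the ordering fix concrete, the following is an added, constructed model of a list whose head (sentinel) lives inside the list object, with the head released before the entries are walked next to the corrected entries-first ordering. It is illustrative code written for this article, not bfs.sys source; the struct and function names, the circular list layout and the instrumented release (which flags objects instead of calling free(), so the wrong ordering is observable without real undefined behaviour) are all assumptions.

```c
#include <stdbool.h>
/* Constructed model of a DirectoryBlockList-style list; the names are assumptions,
 * not bfs.sys symbols. The sentinel (list head) lives inside the list object. */
typedef struct Entry { struct Entry *next; bool freed; } Entry;
typedef struct BlockList { Entry sentinel; bool freed; } BlockList;
static int g_uaf = 0;  /* accesses to released memory, what a sanitizer would flag */

/* Instrumented release: flag the object instead of calling free(), so the wrong
 * ordering can be observed without real undefined behaviour. */
static void release_entry(Entry *e) { e->freed = true; }
static void release_list(BlockList *l) { l->freed = true; }

/* Every read or write of the sentinel's link goes through here; it counts as a
 * use-after-free when the list object holding the sentinel was already released. */
static Entry **sentinel_slot(BlockList *l) { if (l->freed) g_uaf++; return &l->sentinel.next; }

/* Pop entries from the head until the list is empty; every step touches the sentinel. */
static void drain_entries(BlockList *l) {
    for (;;) {
        Entry *e = *sentinel_slot(l);
        if (e == &l->sentinel) break;  /* circular list is empty */
        *sentinel_slot(l) = e->next;   /* unlink e */
        release_entry(e);
    }
}

/* Vulnerable ordering (the CVE-2025-29970 pattern): head released, then entries walked. */
static int close_root_dir_vulnerable(BlockList *l) {
    g_uaf = 0; release_list(l); drain_entries(l);
    return g_uaf;  /* > 0: every step of the drain touched freed memory */
}

/* Patched ordering as the article describes it: process every entry first, free the head last. */
static int close_root_dir_fixed(BlockList *l) {
    g_uaf = 0; drain_entries(l); release_list(l);
    return g_uaf;  /* 0 */
}

/* Build a circular list sentinel -> e[0] -> ... -> e[n-1] -> sentinel (n <= 8). */
static void build_list(BlockList *l, Entry *e, int n) {
    l->freed = false;
    l->sentinel.next = n > 0 ? &e[0] : &l->sentinel;
    for (int i = 0; i < n; i++) { e[i].freed = false; e[i].next = (i + 1 < n) ? &e[i + 1] : &l->sentinel; }
}

/* Close an n-entry list with one ordering; returns the UAF count, or -1 if anything leaked. */
static int scenario(int n, bool patched) {
    BlockList l; Entry e[8];
    build_list(&l, e, n);
    int uaf = patched ? close_root_dir_fixed(&l) : close_root_dir_vulnerable(&l);
    for (int i = 0; i < n; i++) if (!e[i].freed) return -1;
    return l.freed ? uaf : -1;
}
```

With three entries the vulnerable ordering reports seven accesses to the released head (two per popped entry plus the final emptiness check), while the patched ordering reports none and still releases every entry and the head.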

Organizations are strongly advised to:

– Apply Patches Promptly: Ensure that all systems are updated with the latest patches to protect against this vulnerability.

– Monitor for Exploitation Attempts: Security teams should be vigilant for any signs of exploitation targeting medium-integrity processes.

– Restrict Untrusted Applications: Consider limiting the execution of untrusted applications in sandboxed environments until the patch is fully deployed.

This vulnerability underscores the importance of continuous security assessments of Windows kernel-mode components. Even specialized security drivers can suffer from subtle memory management flaws, highlighting the need for ongoing vigilance and prompt response to emerging threats.