Microsoft Discovers Five Potentially Damaging Attacks Against Its Own Software

  • Microsoft has discovered five potentially damaging attacks against its own software
  • One of the flaws was being actively used to drop ransomware
  • The flaws were found in the BioNTdrv.sys kernel-level driver
  • The driver can be abused to escalate privileges in Windows
  • Users are advised to upgrade to the latest version of the software
  • The blocklist can be enabled by going to Settings > Privacy and Security > Windows Security > Device Security > Core Isolation > Microsoft Vulnerable Driver Blocklist

Microsoft Patches Vulnerabilities in Paragon Partition Manager

Microsoft has patched five flaws in the Paragon Partition Manager software, including one that was being actively used to drop ransomware. The flaws were found in the BioNTdrv.sys kernel-level driver, which can be abused to escalate privileges in Windows.

The company has added the affected version of the driver to its Vulnerable Driver Blocklist and urged users to apply updates as soon as possible. Users can check if the blocklist is enabled by going to Settings > Privacy and Security > Windows Security > Device Security > Core Isolation > Microsoft Vulnerable Driver Blocklist.

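Cybercriminals can use the vulnerable driver to gain SYSTEM privileges in Windows, allowing them to mount ransomware attacks. The flaws can be exploited even if the Paragon Partition Manager software is not installed on the device, because an attacker can bring a copy of the signed driver along and load it, a technique known as bring your own vulnerable driver (BYOVD).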

Microsoft has confirmed the findings and has patched the flaws in the affected software. Users are advised to upgrade to the latest version of the software, which comes with the updated BioNTdrv.sys version 2.0.0.
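
The two checks described above (whether the Vulnerable Driver Blocklist is on, and whether an installed BioNTdrv.sys is older than the fixed 2.0.0 version) can be scripted for a fleet. The following PowerShell is an added example, not code from Microsoft or Paragon; the registry value it reads is an assumption not stated in this article, so treat the Settings page as the authoritative view.

```powershell
# Added example, not from the article. Run in an elevated PowerShell session.
$FixedVersion = [version]'2.0.0'    # fixed BioNTdrv.sys version named in the article
$DriverName   = 'BioNTdrv.sys'

# 1. Blocklist state. Assumption: the Core Isolation toggle is backed by this value.
$ciKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config'
$value = (Get-ItemProperty -Path $ciKey -Name VulnerableDriverBlocklistEnable `
            -ErrorAction SilentlyContinue).VulnerableDriverBlocklistEnable
if     ($value -eq 1) { $blocklist = 'enabled' }
elseif ($value -eq 0) { $blocklist = 'disabled' }
else                  { $blocklist = 'not set in registry; confirm in Windows Security' }

# 2. Candidate driver files: every registered kernel driver whose image is
#    BioNTdrv.sys, plus the default drivers directory. A copy dropped elsewhere
#    and not yet registered will not show up here, so this is an inventory
#    check and not a substitute for the blocklist.
$paths = @(Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like "*\$DriverName" } |
    ForEach-Object { $_.PathName -replace '^\\\?\?\\', '' })   # strip NT "\??\" prefix
$paths += Join-Path $env:SystemRoot "System32\drivers\$DriverName"

# 3. Compare each file's version resource with the fixed version.
$findings = foreach ($p in ($paths | Sort-Object -Unique)) {
    if (-not (Test-Path -LiteralPath $p)) { continue }
    $info = (Get-Item -LiteralPath $p).VersionInfo
    $ver  = [version]::new($info.FileMajorPart, $info.FileMinorPart, $info.FileBuildPart)
    [pscustomobject]@{
        Path    = $p
        Version = $ver
        Signer  = (Get-AuthenticodeSignature -LiteralPath $p).SignerCertificate.Subject
        Status  = $(if ($ver -lt $FixedVersion) { 'older than fixed version' }
                    else { 'at or above fixed version' })
    }
}

"Vulnerable Driver Blocklist: $blocklist"
if ($findings) {
    $findings | Format-List
} else {
    "No registered or default-path copy of $DriverName found."
}
```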