Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation
Microsoft has recently patched a critical vulnerability in its Brokering File System (BFS) driver, which could have allowed attackers to escalate privileges on Windows systems, potentially gaining unauthorized access to sensitive data and systems.
The vulnerability, tracked as CVE-2025-29970, affects the bfs.sys component and was discovered by researchers at HT3Labs, highlighting the importance of ongoing security research and testing.
Vulnerability Overview
The Brokering File System, introduced alongside Windows’ Win32 App Isolation feature, is a mini-filter driver responsible for managing I/O operations for isolated applications, making it a critical security boundary that requires robust protection.
BFS specifically handles file access from sandboxed applications, ensuring that these applications do not access unauthorized files or data, and any vulnerability in this component could have significant security implications.
The vulnerability stems from improper memory management during the cleanup of policy entries within the driver, which can lead to a use-after-free condition, potentially allowing attackers to execute arbitrary code or escalate privileges.

The flaw lies in the BfsCloseStorage function, where the DirectoryBlockList linked list is deallocated incorrectly, leading to a use-after-free condition that can cause system crashes or potentially allow privilege escalation.
During cleanup, the head of the linked list is freed at the end of the first iteration, but the function continues to dereference this freed memory in subsequent iterations, creating a classic use-after-free condition that can be exploited by attackers.
This vulnerability can be triggered when policies are removed through the BfsProcessDeletePolicyRequest IOCTL call, and the system deallocates associated PolicyEntry objects and their members, highlighting the importance of proper memory management in security-critical components.
The vulnerability occurs during the StorageObject cleanup phase, where the deallocation loop in BfsCloseStorage improperly handles the DirectoryBlockList structure, leading to a use-after-free condition that can be exploited by attackers.
The function retrieves the first entry of the linked list, performs integrity checks, unlinks the node, deallocates the accompanying DirectoryBlockBuffer and the node itself, and then frees the list head all within a single iteration, which can lead to subsequent iterations accessing freed memory.
This flawed logic means that when a linked list contains multiple entries, the head is deallocated prematurely, leading to subsequent iterations accessing freed memory and potentially causing system crashes or allowing privilege escalation.
The tight window between memory deallocation and reuse makes exploitation challenging, but attackers with local access and appropriate tokens could still trigger the vulnerability, highlighting the importance of prompt patching and robust security measures.
To exploit CVE-2025-29970, attackers must satisfy several conditions, including obtaining a handle containing a specific token that enables BFS IOCTL calls, typically obtained by impersonating a suitable process with an AppSilo token, as reported by PixieSecurity.
PolicyEntry objects must exist in the PolicyTable at the time of the removal request, and these entries must have an attached StorageObject with a DirectoryBlockList containing multiple entries, making exploitation more challenging but not impossible.
While CVE-2025-29970 poses challenges for exploitation due to limited pointer usage and a narrow window of opportunity, it highlights ongoing security concerns with Windows sandboxing mechanisms and the importance of robust security testing and research.
As Microsoft expands application isolation features through AppContainer and AppSilo technologies, drivers like BFS represent increasingly attractive targets for privilege escalation attacks, making it essential to prioritize security and patching.
Security researchers recommend that organizations apply the latest Windows security updates promptly to protect against this and similar vulnerabilities in the Brokering File System, ensuring the security and integrity of their systems and data.