1.0 Introduction
Recently, Microsoft released an advisory to address a high-severity vulnerability, tracked as CVE-2025-21420, that has been identified in the Windows Disk Cleanup Tool (cleanmgr.exe).
2.0 Impact
This vulnerability allows attackers to escalate privileges to SYSTEM.
3.0 Affected Products
Windows Disk Cleanup Tool (cleanmgr.exe)
4.0 Recommendations
CyberSecurity Malaysia also encourages users and administrators to review the Microsoft Security Update Guide for more information and apply the necessary updates.
Kindly refer to the following URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21420
Generally, we advise users to stay up to date with the latest security announcements from the vendor and to follow best-practice security policies to determine which updates should be applied.
For further enquiries, please contact Cyber999 Incident Response Centre through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 - 17:30 MYT
Web: https://www.mycert.org.my
5.0 References