Several ransomware groups, including RansomEXX and Play, are exploiting a zero-day vulnerability in the Windows Common Log File System to elevate system privileges and deploy malware. This flaw was identified and patched during Microsoft's Patch Tuesday update in April 2024.