Microsoft warns CVE-2025-29824 lets attackers with user access escalate privileges to deploy ransomware via a flaw in Windows CLFS.