MSYS2

MSYS2 is a lightweight development environment and package manager for Windows that provides Unix-like tools for software developers. This high-severity vulnerability requires local access and user interaction to exploit, but once successful, grants an attacker high-level control over system confidentiality, integrity, and availability. Security teams should monitor for exploitation attempts targeting developer workstations and watch for suspicious package installations or modifications through MSYS2 until patches are released by May 8, 2025.