Alex Vovk is the CEO & Co-founder of Action1, a leading provider of autonomous endpoint management solutions. Alex co-founded Action1 together with Mike Walters after spending more than 10 years in Co-CEO & Co-Founder role at Netwrix Corporation, where he was responsible for product strategy, technology alliances and operations. At Netwrix, Alex and Mike built a very successful cybersecurity business, and then they both left Netwrix after transition to a new CEO. Well known for its visibility and user behavior analytics platform, Netwrix has grown into a multi-billion-dollar industry-leading cybersecurity company. As the CEO of Action1, Alex brings more than 20 years of business and technology experience and has a PhD in information security. Alex lives in Irvine, CA with his wife and three kids.
The second actively exploited zero-day vulnerability is CVE-2025-21418 – another EoP bug, but this time in the Windows Ancillary Function Driver (AFD) for WinSock. It applies to all Windows versions containing the vulnerable AFD.sys driver, including Windows 10, Windows 11, Windows Server 2016 and later, according to Action1 co-founder, Alex Vovk. “Successful exploitation grants system privileges, the highest level in Windows, allowing an attacker to install programs, manipulate data, create accounts with full user rights and modify system configurations and security settings,” he added.
In light of the latest Google Chrome web browser security update addressing a number of serious, high-severity memory vulnerabilities, Alex Vovk, CEO and co-founder of Action1, an endpoint and patch management company, has offered the following advice for organizations that are impacted.