6 matches found
Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)
This is the third part of our study about the Common Log File System CLFS and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please read the previous parts first if you havent already. You can skip to the other parts using this tab...
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
This months Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of...
CVE-2022-35803
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2022-35803
CVE-2022-35803 affects the Windows Common Log File System Driver. The vulnerability is a local elevation-of-privilege in CLFS that could allow an attacker with low privileges to gain SYSTEM-level access, with impact to confidentiality, integrity, and availability rated high. The entry notes a CVS...
Microsoft Patch Tuesday for September 2022 — Snort rules and prominent vulnerabilities
By Jon Munshaw and Asheer Malhotra. Microsoft released its monthly security update Tuesday, disclosing 64 vulnerabilities across the company’s hardware and software line, a sharp decline from the record number of issues Microsoft disclosed last month. September's security update features five...
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2022-35803)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...