Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)

September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by attackers. About CVE-2022-37969 CVE-2022-37969 is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver, and an attacker must already have access and the ability to run code on the target system (e.g., by exploiting another vulnerability or through social engineering) before trying to trigger it. “Post-exploitation flaws such … More →

The post …

clfs crowdstrike cve dns don't miss driver fixes microsoft patch tuesday tenable trend micro windows zero-day