Microsoft Warns of Under-Attack Windows Flaw


Microsoft said on Tuesday that its security experts have discovered zero-day exploits of a key flaw in its flagship Windows platform.

Microsoft provided a patch for the most recent zero-day vulnerability in the September Patch Tuesday releases and cautioned that attackers are already abusing the vulnerability to acquire SYSTEM rights on fully patched Windows machines. Microsoft issued a bulletin recognizing the existence of the flaw in Windows Common Log File System (CLFS), a data and event recording subsystem.

The vulnerability, identified as CVE-2022-37969, was reported to Microsoft by four separate entities, indicating that it was exploited in a chain of events tied to restricted, focused assaults. The updates address at least 64 new vulnerabilities in a variety of Windows and operating system components.

Read More: Microsoft Raises Alert for Under-Attack Windows Flaw

For more such updates follow us on Google News ITsecuritywire News