Microsoft’s September Patch Tuesday Release

Microsoft’s September Patch Tuesday Release

“Microsoft patched CVE-2022-37969, an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver. According to Microsoft, this flaw has been exploited in the wild as a zero-day. However, exploiting this vulnerability requires an attacker to have already gained access to a vulnerable target system via other means, such as exploiting a separate vulnerability or social engineering. Post-exploitation flaws such as this one are often exploited through a specially crafted application. CVE-2022-24521, a similar vulnerability in CLFS, was patched earlier this year as part of Microsoft’s April Patch Tuesday release and was also exploited in the wild. CVE-2022-37969 was disclosed by several groups, though it’s unclear if CVE-2022-37969 is a patch bypass for CVE-2022-24521 at this point. — Satnam Narang, Sr. Staff Research Engineer at Tenable

Related articles

Push Boundaries Further with GH Carabiner’s Sleek 17-in-1 Design

Indian investment banker Shauraya Bhutani makes it to Forbes Asia’s 30 Under 30

German-Based SEAFORM Kitchens & Wardrobes Launches Its New Collection in New Delhi

Lexus Rz 450e Electrifies In Black Panther, Marvel Studios: Wakanda Forever 2022

Lexus Rz 450e Electrifies In Black Panther, Marvel Studios: Wakanda Forever 2022

Nurturing a global tech community: India successfully hosts the second Global Tech Advocates (GTA) Summit in Bengaluru

Nurturing a global tech community: India successfully hosts the second Global Tech Advocates (GTA) Summit in Bengaluru

Motovolt Mobility Inaugurates A New Store At Nicco Park

Motovolt Mobility Inaugurates A New Store At Nicco Park

Leave a Reply

Your email address will not be published. Required fields are marked *