Microsoft patches a new zero-day affecting all versions of Windows

Microsoft has released security fixes for a zero-day vulnerability affecting all supported versions of Windows that has been exploited in real-world attacks.
The zero-day bug, tracked as CVE-2022-37969, is described as an elevation of privilege flaw in the Windows Common Log File System Driver, a subsystem used for data and event logging. The bug allows an attacker to obtain the highest level of access, known as system privileges, to a vulnerable device.
Microsoft says users running Windows 11 and earlier, and Windows Server 2008 and Windows Server 2012, are affected. Windows 7 will also recei

リンク元