Microsoft said it observed a threat actor known as Storm-2460 abuse a use after free flaw in Windows Common Log File System Driver The flaw is used to deploy PipeMagic, which is then used to ...

Microsoft observed threat actors using the certutil command-line utility to download a malicious MSBuild file onto the victim’s system. This file, which carried an encrypted PipeMagic payload ...

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild.

A joint investigation by the Microsoft Threat Intelligence Center and Microsoft Security Response Center found that a zero-day vulnerability in the Windows Common Log File System had been ...

A newly discovered vulnerability, identified as CVE-2024-6768, has surfaced in the Common Log File System (CLFS.sys) driver of Windows. This issue, identified by Fortra cybersecurity researcher, ...

Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. The ...

The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. The ...

CVE-2024-49138 - Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges. Crowdstrike ...