Microsoft Patches a New Zero-Day Affecting all Versions of Windows
Microsoft has confirmed another Windows zero-day vulnerability already being exploited by attackers. The zero-day, tracked as CVE-2022-37969, is a privilege elevation vulnerability in Windows Common Log File System Driver. It impacts Windows versions from 7 right up to 11 as well as Windows Server 2008 and 2012. Microsoft has confirmed that a successful attack could gain system privileges to take control of the machine and that exploit code is available in the wild.
Although exploiting CVE-2022-37969 requires access to the target system, and the ability to run code upon it, lowers the risk, it doesn’t mitigate it to anything approaching zero. A threat actor will likely use malware that exploits a different vulnerability or a simple ‘malicious link click’ phishing attack to achieve this access.
What You Need to Do
For BMT Managed Services clients, all necessary updates are completed. For others, check your Microsoft security updates by going to Start > Settings > Update & Security > Windows Update. On the Windows Update page, select Check for updates. Then, download and install any available updates.
Have questions or need help with this update? Contact a member of the BMT team.