We have already written about a few of the safety patches Microsoft launched this month, however the firm has launched an enormous variety of enhancements general. Included within the repair is a patch for a safety problem deemed so critical that Microsoft has additionally launched a repair for Home windows 7, regardless of safety help for the working system ending early final yr.
The vulnerability is tracked as CVE-2022-37969, and is described as a “Home windows Widespread Log File System Driver Elevation of Privileges vulnerability”.
Numerous variations of Microsoft’s working programs undergo from the defect – from Home windows Server 2008 and above, and from Home windows 7 to Home windows 11. Vulnerabilities are recognized to be exploited, and till the patch has an opportunity to be rolled out to as many individuals as doable, Microsoft is not saying a lot concerning the nature of the issue.
Nevertheless, in a be aware within the Microsoft Safety Analysis Middle, the corporate warns:
An attacker who efficiently exploited this vulnerability might acquire system privileges.
An attacker should have already got entry and the flexibility to run code on the goal system. This system doesn’t permit distant code execution in instances the place the attacker doesn’t have already got that functionality on the goal system.
Extra details about the vulnerability, in addition to hyperlinks to safety updates for all affected variations of Home windows and Home windows Server, may be discovered right here.
picture credit score: Eric Glenn / Shutterstock