Microsoft Patch Tuesday 0-day Escalation of Privilege Vulnerability (CVE-2022-24521)

Cyber Security tips and recommendations
Post Reply
MikePeller
Posts: 111
Joined: Fri Dec 02, 2005 9:39 am
Location: Tucson
Contact:

Microsoft Patch Tuesday 0-day Escalation of Privilege Vulnerability (CVE-2022-24521)

Post by MikePeller »

– Microsoft has released over 117 security fixes for this month's April 2022 release. Besides the usual security fixes, there were two zero days of note and they are:
CVE-2022-26904: This known zero-day flaw impacts the Windows User Profile Service. This is an EoP (elevation of privilege) vulnerability. However, exploitation has not been seen in wild and requires a race condition to successfully exploit. This has a CVSS score of 7.0.
CVE-2022-24521: This bug is another EoP issue found in Windows Common Log File System (CLFS) Driver. This bug has been reported by Microsoft as being actively exploited in the wild. This vulnerability was reported by the NSA and Crowdstrike to Microsoft after being observed to have been used in active attacks. This has a CVSS score of 7.8.
This is significant as CVE-2022-24521 was exploited as a 0-day in the wild. Exploiting CVE-2022-24521 provides elevated privileges to an attacker, and as such the security bug was likely leveraged in conjunction with an unspecified code execution vulnerability
Post Reply