Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
Cisco Talos recently discovered a privilege escalation vulnerability in the Windows 10 Common Log File System. CLFS is a general-purpose logging service that can be used by software clients running in user-mode or kernel-mode. A malformed CLFS log file could cause a pool overflow, and an adversary could gain the ability to execute code on the victim machine. A regular user needs to open the log file to…
[[ This is only the beginning! Please visit the blog for the complete entry ]]
Article Link: http://feedproxy.google.com/~r/feedburner/Talos/~3/Fiw-vXXimpk/vuln-spotlight-windows-10-clfs-sept-2020.html