Cybercriminals are abusing a post-compromise zero-day vulnerability in the Windows Common Log File System (CLFS) to deploy ransomware. The Microsoft Threat Intelligence Center (MSTIC) and Microsoft ...

A joint investigation by the Microsoft Threat Intelligence Center and Microsoft Security Response Center found that a zero-day vulnerability in the Windows Common Log File System had been exploited by ...

Update, Dec. 12, 2024: This story, originally published Dec. 11, now includes further information from security experts regarding another critical vulnerability within the latest Windows security ...

Update your systems ASAP, as Bleeping Computer points out that today’s Patch Tuesday updates include one for a zero-day flaw already exploited by attackers. CVE-2024-49138 - Microsoft Windows Common ...

Microsoft has released a patch for a Windows zero day vulnerability that has been exploited by cybercriminals in ransomware attacks. The vulnerability, identified as CVE-2023-28252, is a privilege ...

A new report out today from cybersecurity company Fortra LLC is warning of a vulnerability in all versions of Windows 10 and 11 that, if triggered, could cause system instability and a denial of ...

Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to ...

The Operation CuckooBees campaign used zero-day exploits to compromise networks and leveraged Windows' Common Log File System to avoid detection. Security researchers have uncovered a cyberespionage ...

Microsoft said it observed a threat actor known as Storm-2460 abuse a use after free flaw in Windows Common Log File System Driver The flaw is used to deploy PipeMagic, which is then used to deliver ...

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of ...