Microsoft patches zero-day exploited by attackers (CVE-2023-28252)

Categories: Latest Cyber News
Help raise awareness by sharing this page:

It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About CVE-2023-28252 CVE-2023-28252 is a vulnerability in the Windows Common Log File System (CLFS) that allows attackers to gain SYSTEM privileges on target machines. “Over the last two years, attackers appear to have found success targeting CLFS in order to elevate privileges as part of post-compromise activity,” Satnam Narang, senior staff research engineer at Tenable, … More

The post Microsoft patches zero-day exploited by attackers (CVE-2023-28252) appeared first on Help Net Security.

Thank you for visiting our page! For a deeper dive into this topic, discover the full article by clicking HERE.