CVE-2023-28252 - Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

Vulnerability Name

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability

Description

Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252

https://nvd.nist.gov/vuln/detail/CVE-2023-28252

Related News Articles

Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS VulnerabilityApril 9, 2025

PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy RansomwareApril 9, 2025

Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS VulnerabilityApril 9, 2025

Microsoft: Windows CLFS zero-day exploited by ransomware gangApril 9, 2025

Microsoft patches Windows Kernel zero-day exploited since 2023March 12, 2025