Microsoft Reveals RansomEXX Exploiting Windows CLFS Zero-Day Vulnerability

Microsoft has revealed that the RansomEXX ransomware group is exploiting a high-severity zero-day vulnerability in the Windows Common Log File System (CLFS) to gain SYSTEM privileges on victims' systems. This vulnerability allows attackers to elevate their privileges, thereby facilitating complete control over the targeted systems. The exploitation of this vulnerability has been confirmed by Microsoft, which is actively working on releasing patches to secure the affected systems.