Microsoft Discloses Zero-Day Vulnerability in Windows CLFS Exploited in Ransomware Attacks

Microsoft has revealed that a patched security flaw affecting the Windows Common Log File System (CLFS) has been exploited as a zero-day vulnerability in ransomware attacks targeting a small number of organizations. The targets include companies in the information technology (IT) and real estate sectors in the United States, the financial sector in Venezuela, a software company in Spain, and the retail sector.