Beware of this Windows Cloud Files Vulnerability

CVECVE-2024-21310
CVSScvssV3_1: 7.8
SourceCVE-2024-21310

Microsoft Windows Cloud Files Mini Filter Driver was found to have a vulnerability that could allow an attacker to elevate their privileges on a target system.

The Mini Filter Driver is a kernel-mode driver used by Windows to handle file operations for cloud storage services. A flaw was discovered that could allow a hacker to execute arbitrary code in the context of the Windows kernel. This would give the attacker full control of the affected system.

An attacker could exploit this vulnerability by creating a specially crafted file and sharing it over the network or convincing a user to open a malicious file. If opened, the vulnerability in the Mini Filter Driver could be triggered allowing the hacker to gain administrator access.

With administrator privileges, a cybercriminal can install programs; view, change, or delete data; or create new accounts with full user rights. They would have complete control over the compromised computer.

To stay protected, users should make sure their Windows operating system and software are updated with the latest patches from Microsoft. It’s also recommended to use antivirus software and be cautious of any suspicious files or emails even from known senders. Staying on top of security updates can help prevent hackers from exploiting system vulnerabilities.

References