

Just in Time Bulletin: CVE-2022-37969 Windows CLFS Driver Privilege Escalation

Sep 16, 2022

What is CVE-2022-37969? 

CVE-2022-37969 is a privilege escalation vulnerability that impacts the Windows Common Log File System (CLFS). CLFS is a general-purpose logging service that can be used by software clients running in user-mode or kernel-mode for building high-performance transaction logs.

Exploitation of this vulnerability requires an attacker to already have a foothold on a victim machine and the ability to execute commands. Microsoft patched a number of more critical vulnerabilities on Patch Tuesday; however, CVE-2022-37969 was publicly disclosed prior to the patch being released, which makes it a strong candidate for exploitation and inclusion in malware. Successful exploitation would enable an attacker to elevate privileges to that of SYSTEM, which grants access to all system resources, including credential data. 

How bad is this?

CVE               CVSSv3 Score
CVE-2022-37969    7.8

Active exploitation today: Actively exploited in the wild prior to patch availability 

Severity: High

  • Requires an attacker to already have access to a victim machine
  • Exploitation facilitates SYSTEM access rights
  • Exploited in the wild, low level of complexity 

Who is affected by this? 

  • All Windows versions from 7 to Server 2022

How is it exploited? 

Exploitation can be accomplished with a crafted malicious executable. 

Am I at risk?

Version Patch
Windows 2012 R2 Server
Windows 2012
Windows Server 2008 R2
Windows Server 2008
Windows RT 8.1
Windows 7
Windows Server 2016
Windows 10
Windows 11
Windows Server 2022
Windows Server 2019

How do I protect myself? 

Microsoft has released a cumulative security patch to address CVE-2022-37969.

Mitigating factors? 

There are presently no mitigating measures to reduce the risk short of applying the recommended patch.

Additional Resources: