Cloud Files Mini Filter Driver Vulnerability

HIGH (7.8)
cwe-122cloud-fileslocal-accessmicrosoftmini-filter-driverprivilege-elevationwindows

Threat Intelligence

Low Risk
EPSS Score: 0.08% chance of exploitation (percentile: 24%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

How we test →

What is it?

The Windows Cloud Files Mini Filter Driver is a component of the Windows operating system, responsible for managing cloud storage. This vulnerability allows an authorized attacker to elevate privileges locally, potentially leading to unauthorized access to sensitive data and system resources.

Am I affected?

You're affected if you use Heap-based buffer overflow. Specific version info not stated in the advisory.

How to fix

To fix this vulnerability, follow these steps:

  1. Enable Windows Update for Business or Enterprise.
  2. Go to Settings > Update & Security > Windows Update.
  3. Click on "Check for updates" to install the latest security patches.

Immediate mitigations:
- Disable the Cloud Files Mini Filter Driver service: sc config cloudfiles mini filter driver start= disabled
- Apply a Group Policy to restrict access to the Cloud Files Mini Filter Driver: https://docs.microsoft.com/en-us/windows/win32/com/registry-options

References