Windows Cloud Files Mini Filter Driver Vulnerability

HIGH (7.8)
cwe-125local-accessmicrosoftprivilege-escalationwindows

Threat Intelligence

Low Risk
EPSS Score: 0.06% chance of exploitation (percentile: 19%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

How we test →

What is it?

The Windows Cloud Files Mini Filter Driver is a component of the Windows operating system, responsible for managing cloud storage. This vulnerability allows an authorized attacker to elevate privileges locally, potentially leading to unauthorized access to sensitive data and system configuration.

Am I affected?

You're affected if you use Out-of-bounds read. Specific version info not stated in the advisory.

How to fix

To fix this vulnerability, follow these steps:

  1. Enable JavaScript in your browser (required for Microsoft Security Response Center).
  2. Apply the security update from Microsoft Security Response Center.
    • For Windows 10 and later versions:
      • Go to Settings > Update & Security > Windows Update.
      • Click Check for updates and install the latest version.
    • For earlier versions of Windows, follow the instructions in the Security Update Guide.

Immediate mitigations:

  1. Restrict network access to your Cloud Files instance (firewall it from the public internet).
  2. Audit service activity for suspicious patterns.
  3. Monitor for unauthorized changes to system configuration.

References