CVE-2018-0844

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Windows 7 SP1 Windows 8.1 and RT 8.1 Windows Server 2008 SP2 and R2 SP1 Windows Server 2012 and R2 Windows 10 versions prior to the fixed version, including Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709

Description: The issue is related to how objects in memory are handled by the Windows Common Log File System (CLFS) driver, allowing an elevation of privilege. This could potentially allow attackers to affect the system.

Recommendations: For Windows 7 SP1, update to a version that includes the fix for this issue. For Windows 8.1 and RT 8.1, apply the recommended patch. For Windows Server 2008 SP2 and R2 SP1, install the security update. For Windows Server 2012 and R2, apply the necessary fix. For Windows 10 versions prior to the fixed version, including Gold, 1511, 1607, 1703, and 1709, update to the latest version. For Windows Server 2016 and Windows Server, version 1709, apply the recommended security update. As a temporary workaround, consider restricting access to sensitive system resources until a patch is available.