Hello and welcome to the Wednesday, September 14th, 2020 edition of the Sands and its Storm centers, Stormcast.

My name is Johannes Ulrich, and I am recording from Jacksonville, Florida.

It's patched Tuesday again, and with that we got patches for 79 different vulnerabilities including

one vulnerability that is already being exploited wouldn't be patched Tuesday without at least

one little seraday like that so let's start with the one that's already being exploited. CVE 2022-37-9. It's a

privilege escalation vulnerability in the Windows common log system driver and details have

already been made public according to Microsoft. So it's not only being exploited, it's already publicly known.

In April, Microsoft actually patched a similar vulnerability in the common log file system

driver.

So there is a chance that this was more or less just an additional fix for this vulnerability,

that there was a way to bypass the original patch.

We have seen this before, but not enough detail at this point to really confirm this.

These days, I do not really get terribly excited about privilege escalation serendos like this.

After all, they appear to be coming

sort of out on almost

weekly schedule.

More interesting in some ways

are a couple of other

vulnerabilities.

CVE 2020-32-34-7-18.

It's a remote code

execution vulnerability in the

...