This post has been republished via RSS; it originally appeared at: Microsoft Security Bulletins.Severity Rating: Important
Revision Note: V1.0 (November 8, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerability could allow elevation of privilege when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit these vulnerabilities by running a specially crafted application to take complete control over the affected system. An attacker who successfully exploits this vulnerability could run processes in an elevated context.