Blog
Share This Post
[ad_1]
Increasingly prevalent cyberattacks exploiting Windows Common Log File System vulnerabilities have prompted Microsoft to conduct testing for a mitigation enabling the identification of unauthorized CLFS logfile alterations, which would be integrated into the Windows Insiders Canary channel, according to SecurityWeek.
Appending logfiles with Hash-based Message Authentication Codes, which are generated through the hashing of input data and a secret cryptographic key, would help CLFS determine logfiles subjected to modifications not made by the CLFS driver, noted Microsoft, which added that valid HMACs could only be produced with a cryptographic key only accessible by the system and admins. “Rather than continuing to address single issues as they are discovered, [we] worked to add a new verification step to parsing CLFS logfiles, which aims to address a class of vulnerabilities all at once. This work will help protect our customers across the Windows ecosystem before they are impacted by potential security issues,” said Microsoft software engineer Brandon Jackson, who noted the mitigation’s usage of a Merkle tree to ensure efficiency in processing large files.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
