Exploit:Win32/Cluffert.A!dha

Detected by Microsoft Defender Antivirus

Aliases: No associated aliases

Summary

This is a detection for an executable that takes advantage of a Windows Common Log File System Driver Elevation of Privilege Vulnerability (designated as CVE-2023-23376).

Read the following blogs for relevant information about the security vulnerability and other exploits:

Windows Common Log File System Driver Elevation of Privilege Vulnerability
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
How to build stronger security teams

Microsoft Defender Antivirus automatically removes threats as they are detected. However, many infections can leave remnant files and system changes. Updating your antimalware definitions and running a full scan might help address these remnant artifacts.

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

Exploit:Win32/Cluffert.A!dha

Summary

What to do now

Technical information

Threat behavior

Prevention

Guidance for individual users

Guidance for enterprise administrators

Symptoms