An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks. An attacker who successfully exploited this vulnerability could potentially read data outside their expected limits.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application.The security update addresses the vulnerability by correcting how CLFS handles sandbox checks.