The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is always monitoring the vulnerabilities that appear and those that have not been fully controlled. In this case, we have an exploited Windows vulnerability that continues causing problems. Although Windows is working hard to patch it, there is still a danger of compromising sensitive information. Learn the details in this article.
This is the exploited Windows vulnerability
CISA is very concerned about this vulnerability because many federal agencies work with this operative system, so they urged the federal agencies to secure their systems and data against this flaw. The security vulnerability can give elevated permissions to any that could access the affected hosts.
The exploited Windows vulnerability was identified and included as CVE-2022-21882 (CVSS score: 7.0) to the Known Exploited Vulnerabilities Catalog. CISA is recommending all the Federal Civilian Executive Branch (FCEB) agencies to patch their system and prevent exploiting the vulnerability by February 18, 2022. “These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise,” was stated by CISA.
The vulnerability is tagged with an “Exploitation More Likely” exploitability index assessment, which causes an elevation of privileges that affect the Win32K component. Microsoft addressed this flaw in its recent patch update. They stated: “A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver.”
This exploited Windows vulnerability can affect versions 10, 11, server 2019, and server 2022. It’s interesting to check that this vulnerability can be put in the same module as another escalation of privilege flaw known as CVE-2021-1732, CVSS score: 7.8. Microsoft resolved this one a year ago, but it has been detected in exploits in the wild. So far, CISA is constantly working to protect agencies and people from these vulnerabilities, and to catch cybercriminals. Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.
Facebook: Eagle Tech Corp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp