Actively exploited Windows Vulnerability CISA Orders Federal Agencies to Patch

 Short News:- 


A vulnerability in Windows that could be used to gain administrative privileges on vulnerable hosts has been added to the Known Exploited Vulnerabilities Catalog. All Federal Civilian Executive Branch (FCEB) agencies must patch all systems by February 18, 2022. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory just a couple of weeks ago.




Detailed News:- 

Several government agencies have been urged by the United States Cybersecurity and Infrastructure Security Agency (CISA) to protect their systems against a widely exploited security flaw in Windows that could be used to gain administrative privileges on vulnerable hosts.


CVE-2022-21882 (CVSS 7.0) has been added to the Known Exploited Vulnerabilities Catalog, and as a result all Federal Civilian Executive Branch (FCEB) agencies must patch all systems by February 18, 2022.


Following the publication of a CISA advisory just a couple of weeks ago, it appears that these vulnerabilities are a common attack vector for malicious cyber actors of all stripes. It is believed that they pose a serious threat to the federal government's security.




According to the exploitability index, CVE-2022-21882 is a vulnerability in Win32k that has been rated as "Exploitable." The bug was fixed as part of Microsoft's Patch Tuesday updates in January 2022.


"A local, authenticated attacker could gain elevated local system or administrator privileges" by exploiting a vulnerability in the Win32k.sys driver, according to the company's announcement. Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022 are all affected by the vulnerability (all future versions of Windows).


It is possible to circumvent this security vulnerability by exploiting another escalation of privilege flaw in the same module (CVE-2021-1732, CVSS score: 7.8) that was fixed by Microsoft in February 2021 and has since been discovered in exploits in the wild.
