Connect with us

Hi, what are you looking for?


CISA orders federal agencies to patch actively exploited Windows bug

CISA headpic

CISA orders federal agencies to patch actively exploited Windows bug

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges.

Per a binding operational directive (BOD 22-01) issued in November and today’s announcement, all Federal Civilian Executive Branch Agencies (FCEB) agencies are now required to patch all systems against this vulnerability, tracked as CVE-2022-21882 within two weeks, until February 18th.

While BOD 22-01 only applies to FCEB agencies, CISA strongly urges all private and public sector organizations to reduce their exposure to ongoing cyberattacks by adopting this Directive and prioritizing mitigation of vulnerabilities included in its catalog of actively exploited security flaws.

“CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below,” the cybersecurity agency said today.

“These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.”

After exploiting the Win32k local privilege elevation flaw, threat actors with limited access to compromised devices can use the newly obtained user rights to spread laterally within the network, create new admin users, or execute privileged commands.

Advertisement. Scroll to continue reading.

According to Microsoft’s advisory, “a local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver.”

This vulnerability affects systems running Windows 10 1909 or later, Windows 11, and Windows Server 2019 and later without the January 2022 Patch Tuesday updates.

The bug is also a bypass of another Windows Win32k privilege escalation bug (CVE-2021-1732), a zero-day flaw patched in February 2021 and actively exploited in attacks since at least the summer of 2020.

BleepingComputer also tested an exploit targeting this vulnerability and encountered no problems compiling the exploit and using it to open Notepad with SYSTEM privileges on a Windows 10 system (the exploit didn’t work on Windows 11).

CISA’s warning is well-timed, seeing that many administrators skipped the January 2022 updates due to critical bugs introduced by last month’s Patch Tuesday security updates.

These known issues include reboots, L2TP VPN problems, inaccessible ReFS volumes, and Hyper-V issues addressed in emergency out-of-band (OOB) updates issued on January 17th.

By not deploying these patches, those who skipped the update are leaving devices on their networks unprotected and vulnerable to attacks exploiting this flaw, tagged by Microsoft as an important severity vulnerability.

Source link

Advertisement. Scroll to continue reading.
Click to comment

Leave a Reply



Calm, the meditation and relaxation tech startup featuring a medley of celebrity voices, has laid off a fifth of its staff. The company is...


Placeholder while article actions load The de facto leader of Samsung received a presidential pardon on Friday, wiping clean the billionaire scion’s criminal record...


COVINGTON, Ga. — One area team opened a new season with a win while the other began with a loss. Social Circle downed Newton...


The power of TikTok was on full display this week after a Houston woman went viral for rescuing a puppy discovered hidden in piles...

Online Business Success

A pump is seen at a gas station in Manhattan, New York City, US, on August 11, 2022. — Reuters Brent crude futures were...


Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here. Can AI-driven fitness...


You May Also Like


Introductions get a lot of attention. I’ve explored the topic of how to write them even though as a reader, I always skip them....

Online Business Success

The internet is now our nervous system. We are constantly streaming and buying and watching and liking, our brains locked into the global information...

SEO Guide

There are all kinds of pictures of the world on the internet, but to find one of these specific pictures that you want to...

Online Business Success

You can think of link building in many ways. I like to call it tedious, painful, and a test of patience. It’s also necessary...