• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
cisa orders federal agencies to patch actively exploited windows vulnerability

CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability

You are here: Home / General Cyber Security News / CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability
February 7, 2022

The U.S. Cybersecurity and Infrastructure Security Company (CISA) is urging federal businesses to secure their units towards an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on impacted hosts.

To that finish, the company has additional CVE-2022-21882 (CVSS score: 7.) to the Known Exploited Vulnerabilities Catalog, necessitating that Federal Civilian Govt Branch (FCEB) organizations patch all units in opposition to this vulnerability by February 18, 2022.

Automatic GitHub Backups

✔ Approved Seller From Our Partners
Malwarebytes Premium 2022

Protect yourself against all threads using Malwarebytes. Get Malwarebytes Premium with 60% discount from a Malwarebytes official seller SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“These kinds of vulnerabilities are a frequent attack vector for destructive cyber actors of all styles and pose substantial risk to the federal business,” CISA claimed in an advisory revealed final 7 days.

Windows Vulnerability Exploit

CVE-2022-21882, which has been tagged with an “Exploitation Much more Likely” exploitability index evaluation, issues a circumstance of elevation of privilege vulnerability affecting the Get32k element. The bug was resolved by Microsoft as part of its January 2022 Patch Tuesday updates.

“A area, authenticated attacker could obtain elevated community program or administrator privileges by a vulnerability in the Earn32k.sys driver,” the Windows maker mentioned. The flaw impacts Windows 10, Windows 11, Windows Server 2019, and Windows server 2022.

Prevent Data Breaches

It really is value noting that the security vulnerability is also a bypass for yet another escalation of privilege flaw in the same module (CVE-2021-1732, CVSS score: 7.8) that Microsoft settled in February 2021 and has given that been detected in exploits in the wild.

Located this post exciting? Adhere to THN on Facebook, Twitter  and LinkedIn to study additional exclusive material we publish.


Some elements of this short article are sourced from:
thehackernews.com

Previous Post: «new argo cd bug could let hackers steal secret info New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps
Next Post: Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor chinese hackers target taiwanese financial institutions with a new stealthy»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Ugandan Writers Charged with Cyber Stalking President
  • Russian Hackers Allegedly Compromise Ukrainian News Sites, Displaying ‘Z’ Symbol
  • A Third of Malicious Logins Originate in Nigeria
  • Open source dev attacked for spreading data-wiping ‘protestware’
  • Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet
  • Arkansas Sues Health System for Abandoning Patient Files
  • Netflix to Charge Password Sharers
  • Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines
  • Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
  • Experts Find Some Affiliates of BlackMatter Now Spreading BlackCat Ransomware

Copyright © TheCyberSecurity.News, All Rights Reserved.