Windows Actively Exploited Privilege-Escalation Bugs
The software giant recently released important-level patches for two of the privilege-escalation vulnerabilities in Win32k and splwow64, which are being actively exploited in the wild. Qualys said that the patches, though labeled as important, should be quickly deployed as they could be chained with other vulnerabilities to provide the hacker with complete system access. In other words, once they have elevated their privilege level, attackers could exploit another vulnerability to allow them to execute code like ransomware.
The Win32 flaw (CVE-2019-1132) affects Windows 7, Server 2008 and Server 2008 R2.
“While an attacker would have to gain log on access to the system to execute the exploit, the vulnerability if exploited would allow the attacker to take full control of the system,” said Chris Goettl, director of product management for security at Ivanti, via email.
Meanwhile, the bug in splwow64 (CVE-2019-0880), which is the print driver host for 32-bit applications, would allow an attacker to go from low to medium-integrity privileges. If the patch can’t be deployed immediately, the vulnerability can be mitigated by disabling the print spooler. It affects Windows 8.1, Server 2012 and later OS.
- Barracuda urges customers to replace Email Security Gateway
- Zero-day vulnerability in the MOVEit file transfer application
- Critical Jetpack Plugin Flaw Addressed in Urgent WordPress Update for Millions of Sites
- Vulnerability With Arris Routers
- Is Your Microsoft Exchange Server Vulnerable to ProxyNotShell Flaw?
Discover more from Patrick Domingues
Subscribe to get the latest posts sent to your email.