As threat actors actively exploit the Win32k privilege escalation vulnerability, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch it promptly. According to CISA, failing to fix such vulnerabilities exposes organizations with susceptible servers to data theft, financial fraud, disruption of mission-critical business processes, ransomware attacks, and a complete shutdown of operations.
CISA is directing government entities to protect their systems against a widely exploited Windows security flaw that can be leveraged to gain elevated privileges on vulnerable hosts. The flaw, CVE-2022-21882, is a Win32k Elevation of Privilege vulnerability that has been identified and is being actively exploited by threat actors to target Federal Civilian Executive Branch (FCEB) agencies.
In a recent report, CISA stated, “These sorts of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and represent a considerable danger to the federal organization.”
CVE-2022-21882, which carries a Microsoft exploitability index rating of “Exploitation More Likely,” is an elevation of privilege vulnerability in the Win32k component. Microsoft fixed the flaw as part of its January 2022 Patch Tuesday updates.