A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is getting actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned.
To that end, the agency has included the shortcoming to its Identified Exploited Vulnerabilities Catalog, requiring Federal Civilian Government Branch (FCEB) organizations to handle the issues by May 10, 2022.
Tracked as CVE-2022-22718 (CVSS score: 7.8), the security vulnerability is just one among the four privilege escalation flaws in the Print Spooler that Microsoft solved as component of its Patch Tuesday updates on February 8, 2022.
It is really value noting that the Redmond-centered tech huge has remediated a range of Print Spooler flaws because the critical PrintNightmare distant code execution vulnerability arrived to gentle final calendar year, such as 15 elevation of privilege vulnerabilities in April 2022.
Also extra to the catalog are two other security flaws based mostly on “evidence of active exploitation” –
- CVE-2018-6882 (CVSS score: 6.1) – Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS)
- CVE-2019-3568 (CVSS score: 9.8) – WhatsApp VOIP Stack Buffer Overflow Vulnerability
The addition of CVE-2018-6882 will come near on the heels of an advisory introduced by the Computer system Emergency Response Crew of Ukraine (CERT-UA) last 7 days, cautioning of phishing assaults targeting govt entities with the intention of forwarding victims’ e-mail to a third-occasion email handle by leveraging the Zimbra vulnerability.
CERT-UA attributed the targeted intrusions to a threat cluster tracked as UAC-0097.
In gentle of authentic world attacks weaponizing the vulnerabilities, corporations are recommended to minimize their exposure by “prioritizing timely remediation of […] as element of their vulnerability management exercise.”
Found this write-up attention-grabbing? Abide by THN on Facebook, Twitter and LinkedIn to examine more distinctive information we publish.
Some parts of this article are sourced from:
thehackernews.com