Windows 10 users are warned of a zero-day vulnerability
Oh oh. There is a new attack targeting Windows 10 users, with a slew of security threats exposed in the leading desktop operating system. Microsoft has highlighted a series of zero-day vulnerabilities and other critical flaws, but there is one in particular that Windows 10 users should be careful not to fall victim to. This exploit, classified as CVE-2021-28310, is currently exploited “in the wild”.
That means the vulnerability is not just theoretical. It’s not something discovered in the lab and fixed before hackers even knew they could exploit it to steal data. Instead, it is now being used.
A cyber criminal group known as BITTER APT is believed to be actively exploiting this Windows 10 exploit. The Windows 10 flaw allows attackers to escape from your web browser’s walled garden to gain access to some of the most sensitive parts of your operating system, escalating themselves to crucial system privileges on your computer.
The zero-day vulnerability was discovered by Kaspersky Labs, which reported the problem to Microsoft in February. The cybersecurity experts outlined their findings: “We believe this exploit is being used in the wild, possibly by a variety of threat actors.
Microsoft is forcing Windows 10 fans to change their web browser this week
“It is a privilege escalation (EoP) exploit that is likely used with other browser exploits to escape sandboxes or gain system permissions for further access. Unfortunately, we were unable to capture a full chain, so we don’t know if the exploit is used with another zero-day browser, or in conjunction with known patched vulnerabilities. “
Fortunately, there is a simple solution you can do now if you want to stay protected from this dangerous security risk.
Microsoft has fixed this zero-day vulnerability with the latest release of Patch Tuesday. Released Tuesday this week, this update resolved a total of 110 vulnerabilities, 19 of which were classified as critical.
The latest release of Patch Tuesday brings the highest number of monthly fixes to date for 2021. And experts are warning as the year goes on that an increasing number of browser-related errors are likely to be discovered.
Speak against Threat Post Justin Knapp, of Automox, said, “The proceeds from April Patch Tuesday … [are] the highest monthly total for 2021 (so far) and with a return to the 100-plus totals we consistently saw in 2020. This month’s catch includes 19 critical vulnerabilities and a very serious zero-day being actively exploited in the wild. “
The senior product marketing manager with the cloud-driven patching platform added, “We also see multiple browser-related vulnerabilities this month that need to be addressed immediately. This represents a general upward trend expected to continue throughout the year and attract more urgency in speed patching. , to ensure that organizations are not exposed to unnecessary exposure – especially given the increased exploitation of known, outdated vulnerabilities. “
Check all Technology News here: Gaming Ideology