News

CISA warns against exploitation of Windows vulnerability in ransomware attacks

By admin
Spread the love

The US Cybersecurity and Infrastructure Security Agency warns against exploitation of a vulnerability in Windows. An attacker can use this vulnerability in ransomware attacks. Microsoft already released an update on March 12, closing the vulnerability.

This vulnerability, which can be tracked under CVE-2024-26169, is in the Windows Error Reporting Service. This vulnerability allows an attacker who already has access to a system to escalate their privileges to SYSTEM. This way he can gain full control over the affected system and, for example, disable or adjust security software.

Microsoft already resolved the error during Patch Tuesday in March this year and indicated at the time that there were no signals of abuse. Symantec security researchers reported earlier this week However, the group of cybercriminals behind the Black Basta ransomware may have already exploited the vulnerability before the patch was released. The vulnerability may even have been exploited as early as December 2023.

The CISA now also has the vulnerability added to his catalogue of known exploited vulnerabilities. That catalog contains commonly used vulnerabilities that could pose a significant risk to federal organizations, the agency said. CISA advises organizations to take swift action to limit the risks of such vulnerabilities.

You might also like
Extensions & Addns

ShortcutKey2URL for Chrome . Extension

News

Water collection from the air using a portable system

Review

AMD X870 Motherboards Review- ASUS, ASRock and MSI present line-ups

Review

New eras for old favorite – Civilization VII Review

Review

Waterproof range for your garden – TP-Link Deco X50-Outdoor Quick Test

Downloads

Download Office 365 Offline Installer ISO / IMG

Exit mobile version