Zero-Days Under Active Exploit Are Keeping Windows Users Busy
upstart writes in with an IRC submission:
Zero-days under active exploit are keeping Windows users busy:
It's [was] the second Tuesday of February, and that means Microsoft and other software makers are releasing dozens of updates to fix security vulnerabilities. Topping off this month's list are two zero-days under active exploit and critical networking flaws that allow attackers to remotely execute malicious code or shut down computers.
The most important patch fixes a code-execution flaw in Adobe Reader, which despite its long-in-the-tooth status remains widely used for viewing and working with PDF documents. CVE-2021-21017, as the critical vulnerability is tracked, stems from a heap-based buffer overflow. After being tipped off by an anonymous source, Adobe warned that the flaw has been actively exploited in limited attacks that target Reader users running Windows.
Adobe didn't provide additional details about the vulnerability or the in-the-wild attacks exploiting it. Typically, hackers use specially crafted documents sent by email or published online to trigger the vulnerability and execute code that installs malware on the device running the application. Adobe's use of the word "limited" likely means that the hackers are narrowly focusing their attacks on a small number of high-value targets.
Microsoft, meanwhile, has issued a fix for a vulnerability in Windows 10 and Windows Server 2019 that's also under active attack. The flaw, indexed as CVE-2021-1732, allows attackers to run their malicious code with elevated system rights.
[...] In all, Microsoft patched 56 vulnerabilities across multiple products including Windows, Office, and SharePoint. Microsoft rated 11 of the vulnerabilities as critical. As usual, affected users should install patches as soon as practical. Those who can't patch immediately should refer to workarounds listed in the advisories.
Read more of this story at SoylentNews.