Online security firm Kaspersky Lab has detailed a new Windows zero-day vulnerability that it says is actively being exploited. Furthermore, the company says there are four other similar security flaws that could be exposed by attackers. Each was found in the win32k.sys system file.
Kaspersky discovered the vulnerabilities during a recent investigation on malware for the Windows platform. The company says the flaws could affect server locations on Windows 7, Windows 8.1, and Windows 10. By working the exploit, bad actors can gain full access to a PC.
The active zero-day was exploited by an unidentified cybercriminal group and allowed higher privileges that give the ability to install a backdoor in Windows PowerShell. With this backdoor, hackers can operate on a system without being found and operate the system with complete control.
Kaspersky says Microsoft has rolled out a patch for the problem, so an up-to-date Windows PC will be protected. The company also offers the following advice about shoring up a Windows PC:
- Install the Microsoft-provided update to close the vulnerability
- Update your operating system software regularly
- Use behavior-based detection solutions which can detect unknown threats.
Office a Target
Earlier this week, Kaspersky Lab said Microsoft Office has become the number one attack target for cybercriminals. The Russian cyber security firm says attacks and exploits on Office products account for 70 percent of all attacks.
At the Kaspersky Lab Security Analyst Summit, the company showed data for the fourth quarter of 2018. Office has increasingly become the go-to attack target with the number of attempts four times higher than they were during Q4 2016.