Windows Zero-Day Discovered by Kaspersky Lab Has Already Been Exploited

Kaspersky Lab says a recently discovered Windows zero-day vulnerability has already been exploited, although a fix is now available.

The security firm has detailed a new zero-day vulnerability that it says is actively being exploited. Furthermore, the company says there are four other similar flaws that could be exposed by attackers. Each was found in the win32k.sys system file.

Kaspersky discovered the vulnerabilities during a recent investigation into malware for the platform. The company says the flaws could affect server locations on , , and . By using the exploit, bad actors can gain full access to a PC.

The active zero-day was exploited by an unidentified cybercriminal group and allowed higher privileges, giving the attackers the ability to install a backdoor in Windows PowerShell. With this backdoor, hackers can operate on a system without being found and with complete control.

Kaspersky says a patch has been rolled out for the problem, so an up-to-date Windows PC will be protected. The company also offers the following advice about shoring up a Windows PC:

  • Install the provided patch to close the vulnerability
  • Update your operating system software regularly
  • Use behavior-based detection solutions which can detect unknown threats.

Office a Target

Earlier this week, Kaspersky Lab said Microsoft Office has become the number one attack target for cybercriminals. The Russian cyber security firm says attacks and exploits on Office products account for 70 percent of all attacks.

At the Kaspersky Lab Security Analyst Summit, the company showed data for the fourth quarter of 2018. Office has increasingly become the go-to attack target, with the number of attempts four times higher than it was during Q4 2016.