It should be emphasized at the outset that no hacker has exploited the flaw yet. Luckily, it was discovered by researchers from Kaspersky, who immediately passed on all their findings to Microsoft. He thus had enough time to correct this zero-day vulnerability.
–
“Zero-day vulnerability is basically a software bug that no one has yet discovered, and therefore it is potentially very dangerous. As soon as the attackers come to it, they start performing malicious activities without being detectable, which leads to unexpected and destructive consequences, “said Boris Larin, Kaspersky’s security expert.
–
Users should pay even more attention now. Of course, by releasing update CVE-2021-28310, Microsoft protects users. But because of that, they also know how to smuggle malicious code into someone else’s. It can be assumed that this will now focus on the abuse of the discovered crack.
–
Therefore, users should download the update, which was released this Tuesday on Tuesday, through Windows Update without any delay. If people have automatic updates set up on their device, they don’t have to worry about anything.
–
There is a risk of abuse
According to security analysts, this vulnerability could be exploited by several cyber threat actors. “This is an authorization escalation exploit found in the Desktop Window Manager that allows attackers to run any malicious code on the victim’s computer,” said Boris Larin.
–
“Exploit has revealed our advanced technology for prevention and subsequent detection. In recent years, we have gradually added a large number of exploit protection technologies to our products, which have detected a number of zero-day vulnerabilities, which repeatedly proves their high efficiency, “added the security expert.
–
Exploit is a special hacker program that allows cyber attackers to exploit a crack in the system.
—
