New Delhi: Global cybersecurity major Kaspersky Lab said on Wednesday that its automated technologies have detected a new exploited vulnerability in Microsoft Windows, which is believed to have been used in targeted attacks by at least two threat actors, including the recently-discovered SandCat.
This is the fourth zero-day exploit to be discovered by the company’s automatic exploit prevention technology.
Zero-day vulnerabilities are previously unknown software bugs that can be exploited by attackers to breach a victim’s device and network. The new exploit uses a vulnerability in Microsoft Windows’ graphics subsystem to achieve local privilege escalation.
This provides the attacker with full control over a victim’s computer. The malware sample examined by Kaspersky Lab researchers shows that the exploit targets OS versions Windows 8 to Windows 10.
“The discovery of a new Windows zero-day being actively exploited in the wild shows that such expensive and rare tools remain of great interest to threat actors, and organizations need security solutions that can protect against such unknown threats,” said Anton Ivanov, a security expert at Kaspersky.
“It also reaffirms the importance of collaboration between the security industry and software developers: bug hunting, responsible disclosure, and prompt patching are the best ways of keeping users safe from new and emerging threats.”
Kaspersky recommended installing Microsoft’s patch for the new vulnerability as soon as possible and making sure that all software is updated on a regular basis.