Kaspersky Lab has reported its latest discovery of another zero-day exploit affecting Microsoft. The exploit, with the designated code CVE-2021-28310, was found in the Desktop Window Manager.
Researchers came along this exploit while analyzing the CVE-2021-1732 exploit, known for being used by certain hacking groups. Quickly after it was discovered and reported by Kaspersky, Microsoft confirmed the existence of the exploit and designated the name mentioned above. If used by bad actors, this exploit could open up the victim’s computer to any code execution, which is especially troublesome.
Kaspersky’s researchers have already uncovered instances of hacking groups and other bad actors using this exploit in conjunction with other methods to get into other people’s computers. According to the company’s reports, this zero-day exploit can be used in combination with browser exploits to obtain system privileges and go beyond the boundaries of sandboxes, if any exist on the target machine. At the time of writing, Kaspersky hasn’t revealed if an infection chain exists, as well as whether other known or patched vulnerabilities are used to enable this exploit.
“Over the past few years, we have built a multitude of exploit protection technologies into our products that have detected several zero-days, proving their effectiveness time and time again. We will continue to improve the defences for our users by enhancing our technologies and working with third-party vendors to patch vulnerabilities, making the internet more secure for everyone,” Boris Larin, a security expert at Kaspersky, said.
While this may sound like grim news, Microsoft has already issued patches that should fix this exploit and prevent hackers from potentially harming your computer by abusing this zero-day. Whether you use third-party antivirus software or a program that’s bundled with Windows 10, make sure to also update virus definitions in your antivirus, just to be extra safe when going online again.