Microsoft has fixed a zero-day vulnerability affecting all supported versions of Windows that experts say hackers exploit to launch ransomware attacks, a new report said on Thursday.
In February, researchers discovered an attack exploiting a zero-day vulnerability in the Microsoft Common Log File System (CLFS). According to cyber security firm Kaspersky, a cybercriminal group used an exploit developed for various versions and builds of Windows OS, including Windows 11, and attempted to deploy the Nokoyawa ransomware.
Microsoft assigned ‘CVE-2023-28252’ to the discovered zero-day bug. Attackers exploited the CVE-2023-28252 vulnerability to elevate privileges and steal credentials from the Security Account Manager (SAM) database.
While most vulnerabilities are used by APTs (advanced persistent threats), the researchers said this one was exploited for cybercrime purposes by a sophisticated group that carries out ransomware attacks.
“Cybercrime groups are becoming more sophisticated in using zero-day exploits in their attacks. Previously it was primarily a tool of APTs, but now cybercriminals have the ability to achieve zero-days and launch attacks regularly, and have the resources to use them,” said Boris Larin, principal security researcher at the Global Research and Analysis Team (GReAT).
“It is very important for businesses to download the latest patches from Microsoft as soon as possible and to use other methods of protection, such as EDR solutions,” he added.
In addition, the report states that hackers also attempted similar elevation-of-privilege exploits in attacks on various small and medium-sized businesses in the Middle East and North America, and previously in Asia.
The researchers said they found at least five different exploits of this type, which were used in attacks on retail and wholesale, energy, manufacturing, healthcare, software development and other industries.