The Newest Windows Security Flaw You Should Patch Immediately


A rather large security flaw has been discovered by Kaspersky Lab, and if you haven’t patched your system yet, you probably should. 

The new threat targets Windows 8 and Windows 10 machines. The exploit uses a vulnerability in Windows’ graphic subsystem to gain local privileges. This allows the attacker to gain full control of the victim’s computer. This is the fourth consecutive Local Privilege Escalation vulnerability in Windows recently discovered by Kaspersky.

This new exploit was detected by Kaspersky Lab’s Automatic Exploit Prevention technology. The two researchers at Kaspersky who discovered the flaw were Vasiliy Berdnikov and Boris Larin.  The two explained the vulnerability further in a blog, “In February 2019, our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this event led to us discovering a zero-day vulnerability in win32k.sys.”

“CVE-2019-0797 is a race condition that is present in the win32k driver due to a lack of proper synchronization between undocumented syscalls NtDCompositionDiscardFrame and NtDCompositionDestroyConnection”, the two continued.

Kaspersky have announced they believe that the exploit was used by several threat actors including FruityArmor and SandCat.

How can you protect your computer from this security exploit?  Patch your computer immediately. Microsoft released a patch as soon as the security flaw was reported.

In addition, it helps if your IT/Security team has access to the latest cyber threat intelligence. Also, organization need to ensure they are deploying best cyber security practices, such as proper password etiquette, and training employees to know best security practices.

For more ways to keep your company secure online, check out these cybersecurity tips.

Story via Forbes