CISA urges government agencies to address Microsoft Streaming exploit

It seems that another exploit has been found in Windows, and this one allows hackers to gain high-level privileges on infected PCs.

This sounds rather serious, so keep on reading how to protect yourself from this nasty malware.

CISA has added this exploit to its Known Exploited Vulnerabilities Catalog

As reported by Bleeping Computer, there’s a security flaw in MSKSSRV.SYS file that allows hackers to gain SYSTEM privileges on target PCs. To make matters worse, these attacks don’t require any user interaction.

This vulnerability was labeled CVE-2023-29360 and was fixed in June 2023, with proof-of-concept code being released on September 24.

CISA hasn’t provided any information regarding ongoing attacks, but the bug was added to the Known Exploited Vulnerabilities Catalog urging all federal agencies to quickly patch this issue.

According to Check Point, Raspberry Robin malware attacks have been exploiting this vulnerability since August 2023.

The good news is that this vulnerability has been patched, and as long as you have the latest updates installed, you should be secure. Unfortunately, this isn’t the only vulnerability, and we already wrote about AppLocker vulnerability in Windows, but just like this one, it was quickly patched by Microsoft.

Milan Stanojevic

Windows Toubleshooting Expert

Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He’s a PC enthusiast and he spends most of his time learning about computers and technology.
Before joining WindowsReport, he worked as a front-end web developer. Now, he’s one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.