CISA urges government agencies to address Microsoft Streaming exploit

Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission.

Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

It seems that another exploit has been found in Windows, and this one allows hackers to gain high-level privileges on infected PCs.

This sounds rather serious, so keep on reading how to protect yourself from this nasty malware.

CISA has added this exploit to its Known Exploited Vulnerabilities Catalog

As reported by Bleeping Computer, there’s a security flaw in MSKSSRV.SYS file that allows hackers to gain SYSTEM privileges on target PCs. To make matters worse, these attacks don’t require any user interaction.

This vulnerability was labeled CVE-2023-29360 and was fixed in June 2023, with proof-of-concept code being released on September 24.

CISA hasn’t provided any information regarding ongoing attacks, but the bug was added to the Known Exploited Vulnerabilities Catalog urging all federal agencies to quickly patch this issue.

According to Check Point, Raspberry Robin malware attacks have been exploiting this vulnerability since August 2023.

The good news is that this vulnerability has been patched, and as long as you have the latest updates installed, you should be secure. Unfortunately, this isn’t the only vulnerability, and we already wrote about AppLocker vulnerability in Windows, but just like this one, it was quickly patched by Microsoft.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *