Windows 10, Server 2019 users must patch serious zero-day
Another dangerous zero-day exploit is among 56 vulnerabilities patched by Microsoft in February’s Patch Tuesday update
Share this item with your network: By Published: 10 Feb 2021 11:36
An elevation of privilege vulnerability in Microsoft Windows Win32k.sys, impacting Windows 10 and Windows Server 2019, is already being exploited in the wild as a zero-day, and should be prioritised for patching despite being rated as merely “important”, rather than “critical”.
The vulnerability, CVE-2021-1732, requires an attacker to have access to the target system in order to exploit it to gain admin rights. It is one of 56 vulnerabilities – six already disclosed – to be patched in Microsoft’s February Patch Tuesday update, which has come in much lighter than usual.