Crooks are exploiting four Microsoft vulnerabilities – one patched 14 years ago and another tied to ransomware activity – according to America’s lead cyber-defense agency, which on Monday gave federal agencies two weeks to patch them.
The four vulnerabilities added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on Monday are: CVE-2025-60710, a link-following vulnerability in Windows that allows privilege escalation. After initially disclosing this bug in November 2025, Redmond fully fixed it a month later. CVE-2023-36424, a Windows Common Log File System Driver flaw that allows privilege escalation. Microsoft patched this one in November 2023.
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cisco Warns of Critical Auth-Bypass Security Flaw
February 25, 2021
A critical vulnerability in Cisco Systems’ intersite policy manager software could allow a remote attacker to bypass authentication. The vulnerability is one of three critical flaws fixed by Cisco on this week. It exists in Cisco’s ACI Multi-Site Orchestrator (ACI MSO) — this is Cisco’s management software for businesses, which allows them to monitor the health ...
- CISA Alert (AA21-055A): Exploitation of Accellion File Transfer Appliance
February 24, 2021
This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia, This activity has impacted organizations globally, including those in Australia, New Zealand, Singapore, the ...
- Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11
February 22, 2021
Researchers have identified a set of threat actors (dubbed UNC2546 and UNC2582) with connections to the FIN11 and the Clop ransomware gang as the cybercriminal group behind the global zero-day attacks on users of the Accellion legacy File Transfer Appliance product. Multiple Accellion FTA customers, including the Jones Day Law Firm, Kroger and Singtel, have all ...
- Chinese hackers cloned attack tool belonging to NSA’s Equation Group
February 22, 2021
Chinese threat actors “cloned” and used a Windows zero-day exploit stolen from the NSA’s Equation Group for years before the privilege escalation flaw was patched, researchers say. On Monday, Check Point Research (CPR) said the tool was a “clone” of software developed by the US National Security Agency (NSA)’s Equation Group, identified by FireEye in 2015 ...
- Recently fixed Windows zero-day actively exploited since mid-2020
February 20, 2021
Microsoft says that a high-severity Windows zero-day vulnerability patched during the February 2021 Patch Tuesday was exploited in the wild since at least the summer of 2020 according to its telemetry data. The actively exploited zero-day bug is tracked as ‘CVE-2021-1732 – Windows Win32k Elevation of Privilege Vulnerability.’ It allows local attackers to elevate their privileges to ...
- SonicWall releases additional update for SMA 100 vulnerability
February 20, 2021
SonicWall has released a second firmware update for an SMA-100 zero-day vulnerability known to be used in attacks and is warning to install it immediately. Last month, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in their SMA-100 remote access devices. A week later, cybersecurity firm NCC Group discovered the zero-day vulnerability used ...