Zero-day bug in Win32k component is being actively exploited

Zero-day bug in Win32k component is being actively exploited

The zero-day vulnerability in Win32k component which was patched with this Month's Patch Tuesday is being actively exploited by attackers. This vulnerability was addressed by Microsoft in CVE-2019-0797

 

The vulnerability:

 

This is an Elevation of Privilege vulnerability found in the win32k that fails to handle objects in memory properly. If this zero-day vulnerability is exploited, the attacker could execute arbitrary codes in kernel mode.

 

Solution:

 

To stay secured from this exploit, Patch Manager Plus urges you to patch the vulnerability at the earliest possible.

 

To patch the zero-day vulnerability in Win32k component, kindly look for the applicable KBs mentioned below and patch it.





                New to ADSelfService Plus?