Security News > 2021 > February > Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs
Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild.
The most critical of the flaws is a Windows Win32k privilege escalation vulnerability that allows attackers with access to a target system to run malicious code with elevated permissions.
"This zero-day is a new vulnerability which caused by win32k callback, it could be used to escape the sandbox of Microsoft browser or Adobe Reader on the latest Windows 10 version," DBAPPSecurity researchers said.
Lastly, the Windows maker released a set of fixes affecting its TCP/IP implementation - consisting of two RCE flaws and one denial of service vulnerability - that it said could be exploited with a DoS attack.
"Customers might receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic. Thus, we recommend customers move quickly to apply Windows security updates this month."
To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update or by selecting Check for Windows updates.
News URL
Related news
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft: Windows 11 22H2 Home and Pro reached end of servicing (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- Microsoft blocks Windows 11 24H2 on two ASUS models due to crashes (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)