Recently fixed Windows zero-day actively exploited since mid-2020
Microsoft says that a high-severity Windows zero-day vulnerability patched during the February 2021 Patch Tuesday had been exploited in the wild since at least the summer of 2020, according to its telemetry data.
The actively exploited zero-day bug is tracked as 'CVE-2021-1732 - Windows Win32k Elevation of Privilege Vulnerability'.
CVE-2021-1732 can be exploited by attackers with basic user privileges in low complexity attacks that don't require user interaction.
According to their report, the zero-day was being actively used in targeted attacks by an advanced persistent threat group tracked as Bitter and T-APT-17.
Bitter is known for information theft and espionage campaigns targeting China, Pakistan, and Saudi Arabia since at least 2013 [1, 2, 3, 4]. As they observed, the threat actor was using a CVE-2021-1732 exploit specifically targeting Windows 10 1909 systems, even though the zero-day impacts multiple Windows 10 and Windows Server versions, up to the latest releases.
Before being fixed by Redmond, this zero-day was also actively used by threat actors in targeted attacks.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-25 | CVE-2021-1732 | Out-of-bounds Write vulnerability in Microsoft products Windows Win32k Elevation of Privilege Vulnerability | 0.0 |