Security News > 2022 > April > Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild
A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency has warned.
To that end, the agency has added the shortcoming to its Known Exploited Vulnerabilities Catalog, requiring Federal Civilian Executive Branch agencies to address the issues by May 10, 2022.
Tracked as CVE-2022-22718, the security vulnerability is one among the four privilege escalation flaws in the Print Spooler that Microsoft resolved as part of its Patch Tuesday updates on February 8, 2022.
It's worth noting that the Redmond-based tech giant has remediated a number of Print Spooler flaws since the critical PrintNightmare remote code execution vulnerability came to light last year, including 15 elevation of privilege vulnerabilities in April 2022.
The addition of CVE-2018-6882 comes close on the heels of an advisory released by the Computer Emergency Response Team of Ukraine last week, cautioning of phishing attacks targeting government entities with the goal of forwarding victims' emails to a third-party email address by leveraging the Zimbra vulnerability.
In light of real world attacks weaponizing the vulnerabilities, organizations are recommended to reduce their exposure by "Prioritizing timely remediation of as part of their vulnerability management practice."
News URL
https://thehackernews.com/2022/04/hackers-exploiting-recently-reported.html
Related news
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Patching problems: The “return” of a Windows Themes spoofing vulnerability (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2022-22718 | Unspecified vulnerability in Microsoft products Windows Print Spooler Elevation of Privilege Vulnerability | 0.0 |
| 2018-03-27 | CVE-2018-6882 | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment. | 6.1 |