On Tuesday February 9th, Microsoft released another round of security updates. These patches address vulnerabilities across multiple products, with 11 rating as critical and one zero day that was being actively exploited by attackers, CVE-2021-1732. This CVE affects the Win32k component in Windows allowing attackers to gain SYSTEM-level control from unprivileged user access. Microsoft has withheld any details as this is still being used by various threat actors. CVE-2021-24078 is a critical flaw in Windows DNS servers allowing remote code execution. It has been reported that if a system is not configured to service DNS it is not susceptible to exploitation.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased