CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems.

Today, CISA added the two vulnerabilities to its Known Exploited Vulnerabilities catalog, which lists security bugs the agency has tagged as exploited in attacks.

Cisco says in an advisory published in January 2023 and updated one year later that its Product Security Incident Response Team (PSIRT) is aware of publicly available proof-of-concept exploit code for CVE-2023-20025.

The second security bug (CVE-2018-8639) is a Win32k elevation of privilege flaw that local attackers logged into the target system can exploit to run arbitrary code in kernel mode. According to a security advisory issued by Microsoft in December 2018, this vulnerability impacts client (Windows 7 or later) and server (Windows Server 2008 and up) platforms.

Microsoft and Cisco have not yet updated their security advisories after CISA tagged the two vulnerabilities as actively exploited in attacks.

As mandated by the Binding Operational Directive (BOD) 22-01 issued in November 2021, Federal Civilian Executive Branch (FCEB) agencies now have three weeks, until March 23, to secure their networks against ongoing exploitation.

"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA said today.

In early February, CISA also announced that a critical Microsoft Outlook remote code execution (RCE) vulnerability (CVE-2024-21413) is now being exploited in ongoing attacks and ordered federal agencies to patch their systems by February 27.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 03 Mar 2025 17:55:16 +0000