A safety flaw within the Windows Print Spooler part that was patched by Microsoft in February is being actively exploited within the wild, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned.
To that finish, the company has added the shortcoming to its Known Exploited Vulnerabilities Catalog, requiring Federal Civilian Executive Branch (FCEB) businesses to handle the problems by May 10, 2022.
Tracked as CVE-2022-22718 (CVSS rating: 7.8), the safety vulnerability is one among the many 4 privilege escalation flaws within the Print Spooler that Microsoft resolved as a part of its Patch Tuesday updates on February 8, 2022.
It’s value noting that the Redmond-based tech large has remediated quite a few Print Spooler flaws for the reason that crucial PrintNightmare distant code execution vulnerability got here to gentle final yr, together with 15 elevation of privilege vulnerabilities in April 2022.
Also added to the catalog are two different safety flaws based mostly on “evidence of active exploitation” –
- CVE-2018-6882 (CVSS rating: 6.1) – Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
- CVE-2019-3568 (CVSS rating: 9.8) – WhatsApp VOIP Stack Buffer Overflow Vulnerability
The addition of CVE-2018-6882 comes shut on the heels of an advisory launched by the Computer Emergency Response Team of Ukraine (CERT-UA) final week, cautioning of phishing assaults concentrating on authorities entities with the objective of forwarding victims’ emails to a third-party e-mail deal with by leveraging the Zimbra vulnerability.
CERT-UA attributed the focused intrusions to a risk cluster tracked as UAC-0097.
In gentle of actual world assaults weaponizing the vulnerabilities, organizations are beneficial to scale back their publicity by “prioritizing timely remediation of […] as part of their vulnerability management practice.”