Vulnerability Summary

Microsoft Windows could allow a local authenticated malicious user to gain elevated privileges on the system, caused by a flaw in the Win32k component. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

Most Upvoted Vulmon Research Post

Windows kernel zero-day exploit (CVE-2021-1732) is used by BITTER APT in targeted attack. This zero-day is a new vulnerability which is caused by a win32k callback; it could be used to escape the sandbox of Microsoft IE browser or Adobe Reader on the latest Windows 10 version. The quality of this vulnerability is high and the exploit is sophisticated. The use of this in-the-wild zero-day reflects the organization’s strong vulnerability reserve capability. The threat organization may have recruited members with certain strength, or bought it from vulnerability brokers. The in-the-wild zero-day: 1. It

Recent Articles

Recently fixed Windows zero-day actively exploited since mid-2020
BleepingComputer • Sergiu Gatlan • 20 Feb 2021

Microsoft says that a high-severity Windows zero-day vulnerability patched during the February 2021 Patch Tuesday was exploited in the wild since at least the summer of 2020 according to its telemetry data.
The actively exploited zero-day bug is tracked as 'Windows Win32k Elevation of Privilege Vulnerability.'
It allows local attackers to elevate their privileges to the admin level by triggering a use-after-free condition in the win32k.sys core kernel component.

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches
Threatpost • Lindsey O'Donnell • 16 Feb 2021

Microsoft has removed a faulty servicing stack update, which was causing issues for Windows users when they tried to install last week’s Patch Tuesday security updates.
Microsoft’s servicing stack update provides fixes for the component that installs Windows updates. This particular defective update (KB4601392) applied to Windows 10 users (version 1607 for 32-bit and x64-based systems) and Windows Server 2016 users.
To address this issue, Microsoft has removed the faulty update a...

Microsoft patches actively exploited Windows kernel flaw
welivesecurity • 10 Feb 2021

Yesterday was the second Tuesday of the month, which means that Microsoft is rolling out patches for security vulnerabilities found in Windows and its other products. This year’s second batch of security updates brings fixes for 56 vulnerabilities, including a zero-day flaw that is being actively exploited in the wild.
The elevation of privilege flaw vulnerability, tracked as CVE-2021-1732 and ranked as “important” on the Common Vulnerability Scoring System (CVSS) scale, resides in...

The Register

Patch Tuesday For its February Patch Day, Microsoft released security advisories covering 56 CVE-assigned vulnerabilities, 11 of them rated critical.
In doing so, the Windows giant managed to publish a misspelled URL on the landing page for its February updates that, instead of taking visitors to the intended Microsoft Security Response Center post about API changes, pointed to, which turns out to be a typo-bait domain. It redirects visitors to a sea...