The Cybersecurity and Infrastructure Security Agency has warned that threat actors are actively exploiting a Windows Print Spooler privilege escalation flaw that affects all Windows versions and was patched during the February Patch Tuesday, BleepingComputer reports.
Attackers could leverage the vulnerability, tracked as CVE-2022-22718, to conduct low-complexity attacks even in the absence of user interaction, according to Microsoft.
CISA has already included the Windows Spooler bug in its catalog of Known Exploited Vulnerabilities, along with a cross-site scripting vulnerability in the Zimbra Collaboration Suite, tracked as CVE-2019-6882, and a VoIP stack buffer overflow vulnerability in WhatsApp, tracked as CVE-2019-3568, which are also being used in ongoing attacks.
The directive urges federal agencies to remediate the newly added flaws by May 10, but CISA has also called on all organizations across the US to address the Windows Spooler flaw.
"These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise," said CISA.