Warning of a zero-day vulnerability in the Desktop Window Manager on PC
The global security company Kaspersky recently discovered a zero-day vulnerability in the Desktop Window Manager and warned that it carries a risk of attackers taking control of the system.
While analyzing the CVE-2021-1732 vulnerability, which was once exploited by the BITTER APT group, Kaspersky experts found a similar zero-day vulnerability. This vulnerability had never been exploited before and has not been linked to any known threat actors. Kaspersky immediately notified Microsoft. Once confirmed, the zero-day vulnerability was assigned the identifier CVE-2021-28310.
'Initially, this vulnerability was discovered by our advanced technology to prevent the vulnerability and archive related findings. In fact, over the past few years, we have included many anti-exploit technologies in our products, and these technologies have consistently worked,' said Boris Larin, a security expert at Kaspersky.
According to the researchers, it is likely that this vulnerability has been used but not discovered. It is an elevation of privilege (EoP) vulnerability in the Desktop Window Manager that allows an attacker to execute malicious code on the victim's machine. It can potentially be used in conjunction with other vulnerabilities in the browser to escape the browser sandbox. Attackers can also use this flaw to gain elevated privileges and deeper access to a computer system.
However, Kaspersky's initial investigation has not revealed the full infection chain. Security experts therefore still do not know whether this vulnerability is used together with another zero-day vulnerability.
To guard against threats from new vulnerabilities, Kaspersky experts recommend that individuals and businesses install the patch for the vulnerability as soon as possible. In addition, IT security managers can use the vulnerability and patch management features of an endpoint security solution to simplify the work. To avoid unexpected cyber attacks, organizations should also deploy an enterprise-level security solution that detects advanced threats on the network at an early stage.