CISA issued a warning for a vulnerability in Microsoft Streaming; being exploited by malware attackers
1 min. read
Published on
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
The Cybersecurity and Infrastructure Security Agency (CISA) is urging all organizations, especially federal agencies of countries, to patch a critical vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS) that attackers are actively and extensively exploiting.
The vulnerability goes by the ID CVE-2023-29360. What it does is it allows local attackers to gain full control (SYSTEM privileges) over vulnerable systems with very minimal effort.
As reported, this vulnerability was said to be patched by Microsoft in June 2023, but the exploit code became publicly available three months later.
CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog and is mandating all federal agencies to patch their systems by March 21st, 2024.
While CISA hasn’t found evidence of this vulnerability being used in ransomware attacks, it is still a major security risk and should be addressed by all organizations immediately.
TL;DR:
- Vulnerability: CVE-2023-29360 in Microsoft Streaming Service (MSKSSRV.SYS)
- Severity: High
- Impact: Allows attackers to gain full control of systems
- Patched: June 2023 Patch Tuesday
- Exploited since: August 2023
- Ransomware usage: No evidence found
- Patch deadline for federal agencies: March 21st, 2024
More in-depth information is here.
User forum
0 messages