Kaspersky warns new Zero-day vulnerability is being actively exploited




A zero-day vulnerability, as well as four similar security holes which could potentially allow cybercriminals full access to your system, was found in the win32k.sys system file during a recent malware investigation by Kaspersky. Windows versions 7, 8.1, and 10, along with the associated server editions, can be targeted.

The vulnerability enabled an unidentified APT criminal group to gain the privileges needed to install a Windows PowerShell backdoor, which would allow cybercriminals to operate without a trace and gain complete control of the infected device.

Kaspersky has since released a patch update, so as long as your system’s up to date, you’ll be protected, but perhaps at the expense of your convenience. Users have since complained of their systems becoming significantly slower, which can be attributed to the additional antivirus programs installed.

Whilst you don’t want a painfully slow device, you also don’t want a security-compromised one. Kaspersky has recommended the following security measures in order to ensure the most efficient protection against the installation of backdoors due to zero-day vulnerabilities:

  • Install the Microsoft-provided update to close the vulnerability
  • Update your operating system software regularly
  • Use behaviour-based detection solutions which can detect unknown threats

Via DrWindows.de
