Microsoft has just released the fixes for its traditional Patch Tuesday. Among the 11 critical vulnerabilities listed is an elevation-of-privilege flaw (CVE-2021-1732) in the Windows kernel, in this case in win32kfull.sys, the file through which the operating system controls the hardware. “It can be used to escape the sandbox of Microsoft’s browser or Acrobat Reader on the latest versions of Windows 10. This vulnerability is of high quality and its exploitation is sophisticated”, point out researchers from DBAPPSecurity Threat Intelligence Center, who found it.
This flaw is all the more dangerous because it is being actively exploited by “Bitter APT”, a group of hackers probably located in South Asia. It was detected in December 2020 in one of the pieces of malware that this group was using to target Chinese people or organizations. For its part, Adobe has just released a fix for a buffer overflow (CVE-2021-21017) that allows arbitrary code execution in Acrobat Reader. Again, this vulnerability is being actively used to infect Windows users; no further details have been given. It is not known whether the two flaws are related, but it is clear that they would complement each other perfectly.
Source: Hacker News