15/10/2021

Active exploitation of Windows vulnerability (CVE-2021-40449)

Our Security Partner have been monitoring reports that attackers are actively exploiting a high-severity vulnerability in Microsoft Windows (CVE-2021-40449). This elevation of privilege vulnerability in the Win32k driver affects multiple server and desktop Windows versions. Microsoft addressed this issue on October 12, 2021 as part of its October Security Update.

Recommended actions:

Our Security Partner recommend that customers review and apply the Microsoft security update as appropriate in their environments as soon as possible.

Questions:

If you have any questions or concerns about this advisory, please contact us via our support desk – support@empsn.org.uk

References:

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

Our partners