The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler.
This high-severity vulnerability (tracked as CVE-2022-22718) impacts all versions of Windows per Microsoft's advisory, and it was patched during the February 2022 Patch Tuesday.
The only information Microsoft shared about this security flaw is that threat actors can exploit it locally in low-complexity attacks without user interaction.
Redmond patched several other Windows Print Spooler bugs in the last 12 months, including the critical PrintNightmare remote code execution vulnerability.
After technical details and a proof-of-concept (POC) exploit for PrintNightmare were accidentally leaked, CISA warned admins to disable the Windows Print Spooler service on Domain Controllers and systems not used for printing to block potentially incoming attacks.
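One way to apply that guidance on a single host, as an added example that is not taken from the CISA or Microsoft advisories: the script reports whether the machine is a Domain Controller and whether it has print queues, and disables the Spooler only when it is unused. The function names and the filter for built-in virtual printers are assumptions made for this sketch; run it from an elevated session.

```powershell
# Added example: audit the local Print Spooler and disable it where printing is not needed.
function Get-SpoolerExposure {
    [CmdletBinding()]
    param()

    $svc  = Get-Service -Name Spooler -ErrorAction Stop
    $cim  = Get-CimInstance -ClassName Win32_Service -Filter "Name='Spooler'"
    # Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC.
    $role = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole

    # Queues can only be enumerated while the Spooler runs; otherwise the count stays unknown.
    $queueCount  = $null
    $sharedCount = $null
    if ($svc.Status -eq 'Running') {
        # Assumption: these built-in virtual printers do not count as real print queues.
        $queues = @(Get-CimInstance -ClassName Win32_Printer -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -notmatch 'Microsoft (Print to PDF|XPS Document Writer)|OneNote|Fax' })
        $queueCount  = $queues.Count
        $sharedCount = @($queues | Where-Object Shared).Count
    }

    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        IsDomainController = $role -in @(4, 5)
        SpoolerStatus      = $svc.Status
        SpoolerStartMode   = $cim.StartMode
        PrintQueues        = $queueCount
        SharedQueues       = $sharedCount
    }
}

function Disable-SpoolerIfUnused {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    $state  = Get-SpoolerExposure
    # Disable on Domain Controllers, and on hosts confirmed to have no print queues.
    $unused = $state.IsDomainController -or ($state.PrintQueues -eq 0)
    if (-not $unused) {
        Write-Warning "$($state.ComputerName): print queues present or unknown; Spooler left unchanged."
        return $state
    }
    if ($state.SpoolerStartMode -ne 'Disabled' -and
        $PSCmdlet.ShouldProcess($state.ComputerName, 'Stop and disable Print Spooler')) {
        Stop-Service -Name Spooler -Force
        Set-Service  -Name Spooler -StartupType Disabled
    }
    Get-SpoolerExposure
}

Get-SpoolerExposure              # report only
# Disable-SpoolerIfUnused -WhatIf  # preview the change before applying it
```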
Last week, CISA added another privilege escalation bug in the Windows Common Log File System Driver to the list of flaws exploited in the wild, a bug reported by CrowdStrike and the US National Security Agency (NSA) and patched by Microsoft during this month's Patch Tuesday.