
CISA Adds Seven Actively Exploited Flaws
TL;DR: The US cybersecurity agency has updated its Known Exploited Vulnerabilities (KEV) catalog with seven new entries, including flaws in Microsoft Windows, Defender, and Adobe Acrobat. The additions signal that these vulnerabilities are being actively used by attackers, requiring urgent attention from IT and security teams.
Key facts
- Category: Cybersecurity
- Impact: Low
- Published
- Source: US-CERT
Full summary
The US cybersecurity agency has added seven vulnerabilities to its KEV catalog, confirming they are being actively exploited in real-world attacks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This update serves as an official confirmation that all seven flaws have been observed being actively used in cyberattacks. The list includes a mix of both old and recent security holes affecting widely used software. Among the products impacted are Microsoft Windows, DirectX, Internet Explorer, and Microsoft Defender, as well as Adobe Acrobat and Reader. The specific vulnerabilities range from buffer overflows and use-after-free bugs to elevation of privilege and denial-of-service issues.
Inclusion in the KEV catalog significantly raises the urgency for organizations to address these vulnerabilities. It moves them from a theoretical risk to a proven, immediate threat. The list notably includes several legacy vulnerabilities dating back over a decade, highlighting the persistent danger posed by unpatched older systems that remain in use. The presence of newer flaws in Microsoft Defender also underscores that security products themselves are valuable targets for attackers. This CISA directive mandates that federal agencies patch these vulnerabilities by a specific deadline, and it serves as a strong recommendation for all other organizations to prioritize these updates to defend against active threats.
Why it matters
A KEV listing confirms active exploitation, turning theoretical risks into immediate threats. It requires organizations to prioritize patching these specific vulnerabilities to prevent attacks.
Business impact
Failure to patch these exploited vulnerabilities exposes organizations to potential security breaches, data loss, and operational disruption. The inclusion of legacy software flaws highlights risks in older, unmanaged IT assets.
⚡ Action needed
Immediate patching is required for affected systems. Federal agencies have a specific deadline to comply, and all organizations are strongly advised to prioritize these updates to mitigate active threats.
Action checklist
1. Review the seven new CVEs added to CISA's KEV catalog.
2. Identify all systems running the affected Microsoft and Adobe products.
3. Prioritize and apply the necessary security patches immediately.
4. Verify that patches have been successfully deployed across your environment.
5. Scan for signs of compromise, especially on unpatched legacy systems.
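Checklist steps 1 and 2 can be scripted. The following is an added example, not part of the original summary or any CISA tooling: it filters a KEV feed for recently added entries and matches them against a software inventory, earliest due date first. The field names follow CISA's KEV JSON feed; the CVE IDs, dates, hostnames and inventory format are constructed placeholders.

```python
import json
from datetime import date

# Constructed sample shaped like CISA's KEV JSON feed. The CVE IDs and dates
# are placeholders, not the seven entries this article refers to.
KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-0000-0001", "vendorProject": "Microsoft", "product": "Windows",
     "dateAdded": "2000-02-01", "dueDate": "2000-02-22"},
    {"cveID": "CVE-0000-0002", "vendorProject": "Adobe", "product": "Acrobat and Reader",
     "dateAdded": "2000-02-01", "dueDate": "2000-02-15"},
    {"cveID": "CVE-0000-0003", "vendorProject": "Microsoft", "product": "Defender",
     "dateAdded": "1999-06-01", "dueDate": "1999-06-22"},
]})

# Constructed inventory (assumed format): host -> list of (vendor, product) pairs.
INVENTORY = {
    "ws-legacy-01": [("Microsoft", "Windows 7"), ("Adobe", "Acrobat Reader DC")],
    "srv-app-02": [("Microsoft", "Windows Server 2019"), ("Microsoft", "Defender Antivirus")],
    "kiosk-03": [("Canonical", "Ubuntu")],
}

STOPWORDS = {"and", "for", "the"}

def tokens(name):
    """Lower-cased words of a product name, minus filler words."""
    return {t for t in name.lower().split() if t not in STOPWORDS}

def new_entries(kev_json, since):
    """Checklist step 1: KEV entries added on or after `since`."""
    vulns = json.loads(kev_json)["vulnerabilities"]
    return [v for v in vulns if date.fromisoformat(v["dateAdded"]) >= since]

def worklist(entries, inventory):
    """Checklist step 2: hosts per CVE, earliest due date first.
    Coarse vendor + product-word match; confirm versions against the advisory."""
    rows = []
    for v in sorted(entries, key=lambda e: e["dueDate"]):  # ISO dates sort as text
        hosts = sorted(
            host for host, software in inventory.items()
            if any(vendor.lower() == v["vendorProject"].lower()
                   and tokens(product) & tokens(v["product"])
                   for vendor, product in software))
        rows.append((v["cveID"], v["dueDate"], hosts))
    return rows

if __name__ == "__main__":
    for cve, due, hosts in worklist(new_entries(KEV_SAMPLE, date(2000, 2, 1)), INVENTORY):
        print(f"{cve} due {due}: {', '.join(hosts) or 'no matching hosts'}")
```

The match is deliberately broad, so a host can appear for a product version the flaw does not affect; treat the output as a triage list for steps 3 and 4, not as proof of exposure.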
Primary source: US-CERT