Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that’s known to be actively exploited in the wild. The most critical of the flaws is a Windows Win32k privilege escalation vulnerability (CVE-2021-1732, CVSS score 7.8) A zero-day exploit leveraging the flaw was detected in a “very limited number of attacks” against victims located in China by a threat actor named Bitter APT. The attacks were discovered in December 2020. The updates cover Microsoft’s core components such as Kernel, TCP/IP, Print Spooler, and Remote Procedure Call (RPC)
Source: https://thehackernews.com/2021/02/microsoft-issues-patches-for-in-wild-0.html