CISA Issues Warning: Malware Exploits Microsoft Streaming Bug


The Cybersecurity and Infrastructure Security Agency (CISA) has instructed U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their Windows systems due to a high-severity vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS). Tracked as CVE-2023-29360, the flaw allows local attackers to gain SYSTEM privileges without user interaction. Discovered by Synactiv's Thomas Imbert and reported through Trend Micro's Zero Day Initiative, Microsoft patched the bug in June 2023. While no evidence suggests ransomware use, CISA has included the vulnerability in its Known Exploited Vulnerabilities Catalog, mandating federal agencies to patch systems by March 21 under operational directive BOD 22-01. Exploited by Raspberry Robin malware since August 2023, the vulnerability underscores the importance of timely patching against evolving threats.