The United States Cybersecurity and Infrastructure Security Agency (CISA) is instructing federal agencies to protect their systems from an actively exploited vulnerability in Windows that could be used to gain elevated privileges on affected hosts.
CVE-2022-21882 (CVSS score: 7.0) has been added to the Known Exploited Vulnerabilities Repository, requiring Federal Civilian Executive Branch (FCEB) organisations to patch all devices against this security vulnerabilities by February 18, 2022.