Summary: Following February’s Patch Tuesday, CISA has added six Microsoft zero-days to its Known Exploited Vulnerabilities (KEV) catalog. These flaws affect Windows 10, Windows 11, and Microsoft Office, with evidence of active use in state-sponsored espionage and ransomware delivery.
Business Impact: Extreme. These vulnerabilities allow for remote code execution and privilege escalation. For enterprises in Bahrain and the GCC, failure to patch immediately leaves the door open for “Living off the Land” attacks where hackers use legitimate OS tools to stay hidden.
Why It Happened: Attackers successfully reverse-engineered previous patches to find unaddressed logic flaws in how Windows handles GDI objects and Office processes OLE documents.
Recommended Executive Action: Mandate a 48-hour “Emergency Patching Window” for all Windows workstations and servers. Prioritize Office updates as the primary vector for current phishing campaigns.
Hashtags: #CISA #KEV #Microsoft #ZeroDay #PatchTuesday #Infosec