Even though the US National Security Agency (NSA) reported this flaw to Microsoft and they patched it in their October 2022 Patch Tuesday, the threat group APT28 is still exploiting it.
Microsoft: APT28 hackers exploit Windows flaw reported by NSA – BleepingComputer
The Russian threat group uses a hacking tool called GooseEgg to exploit a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data.
Your takeaway
Keep those patches up to date, because the threat actors never forget that some organisations do not bother to fix flaws.
Clive Catton MSc (Cyber Security) – by-line and other articles