Microsoft patched the very dangerous Windows “Day 0” critical vulnerability as it was before actively abused to escalate privileges and deploy the payload of the popular Nokoyawa ransomware.

It is one of Fixed 97 vulnerabilities in the April security update, which Microsoft releases on the second Tuesday of the month. Seven of them are classified as “critical” and the rest as “important” in terms of their severity. The number of errors in each category is:

• 20 increasing the level of privilege vulnerability.
• 8 Security features Vulnerability bypass.
• 45 remote code execution vulnerabilities.
• 10 Information Disclosure Vulnerabilities.
• 9 denial of service vulnerabilities.
• 6 Phishing Vulnerabilities.

A critical Windows vulnerability listed as the most dangerous Yippee CVE-2023-28252, privilege escalation error in the Windows Common Log File System (CLFS) driver. An attacker who successfully exploited this vulnerability could gain “SYSTEM” privileges and take control of the device.

According to Russian security firm Kaspersky, the vulnerability was created by a cybercrime group to deploy the Nokoyawa ransomware against small and medium-sized businesses. It is currently found in the Americas, the Middle East and Asia, although it is possible that it is already circulating around the world.

Emphasize that this is oa Vulnerability 0 days, actively used before an official patch such as the one arriving this Patch Tuesday was available. The vulnerabilities affect a large amount of Microsoft software and all Windows operating systems, client and server versions.

Of course, it is recommended to update your device as soon as possible. As with all other cumulative monthly security patches, its installation is very simple from the same system configuration:

• Press the keyboard shortcut “Windows + I” to open the Settings tool.
• Go to Update & Security > Windows Update.
• Actively check for updates. Microsoft offers them immediately after the release of each Patch Tuesday.
• To use them, download, install, and restart your computer.

More advanced users or those who want more control over what they install can use the Microsoft Update catalog, go to its website and download a set of fixes, defined on this occasion as KB5025221, for versions of Windows 10 from 20H2 onwards.