On Tuesday, Microsoft released a warning stating that its security teams had detected zero-day exploitation of a critical vulnerability that had been previously disclosed. The vulnerability lies in the Windows platform and was fixed in the latest batch of Patch Tuesday updates. However, attackers are now actively exploiting the flaw to gain system privileges on Windows machines. Microsoft released the bulletin acknowledging the bug and warning users to be wary of attacks. The vulnerability was allegedly reported to Microsoft by four different organizations, suggesting that it was likely used as an exploit chain.

No technical details regarding the bug have been released, as it is possible this could help attackers to continue to exploit it. In addition, no indicators of compromise were identified. The flaw has a CVSS score of 7.8 out of 10. The latest patch Tuesday covered 64 new vulnerabilities that exist in a range of Windows and OS components, such as SharePoint, Office, Defender, and Microsoft Edge.

Read More: Microsoft Raises Alert for Under-Attack Windows Flaw