As part of its regular patch Tuesday release, Microsoft has announced an escalation of privileges vulnerability (CVE-2021-1732) in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. Microsoft has stated that Windows 10 and Windows Server 2019 are affected by this vulnerability. Microsoft has also reported that this vulnerability has been exploited in the wild. For more information on CVE-2021-1732, the Cybersecurity and Infrastructure Security Agency (CISA) has posted an activity alert. CISA advises agencies to patch all instances of these affected products as soon as possible. Additional information on both the vulnerability and affected versions may also be found in Microsoft’s security advisory on CVE-2021-1732. Access the activity alert at CISA.