The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven known vulnerabilities to its catalog of actively exploited flaws, including old Microsoft Windows and Internet Explorer bugs alongside newer Microsoft Defender elevation-of-privilege and denial-of-service vulnerabilities. CISA is urging all organizations, particularly federal agencies, to prioritize patching these vulnerabilities as part of routine vulnerability management.