Security News > 2023 > June > Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation
Details have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft disclosed in an advisory issued last month as part of Patch Tuesday updates.
Sys is a kernel-mode driver and an integral part of the Windows architecture, being responsible for graphical device interface and window management.
While the exact specifics surrounding in-the-wild abuse of the flaw is presently not known, Numen Cyber has deconstructed the patch released by Microsoft to craft a proof-of-concept exploit for Windows Server 2016.
The Singapore-based cybersecurity company said the vulnerability relied on the leaked kernel handle address in the heap memory to ultimately obtain a read-write primitive.
Numen Cyber distinguishes itself from typical Web3 security companies by emphasizing the need for advanced security capabilities, specifically focusing on OS-level security attack and defense capabilities.
News URL
https://thehackernews.com/2023/06/experts-unveil-poc-exploit-for-recent.html
Related news
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)