Security News > 2023 > June > Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation
Details have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft disclosed in an advisory issued last month as part of Patch Tuesday updates.
Sys is a kernel-mode driver and an integral part of the Windows architecture, being responsible for graphical device interface and window management.
While the exact specifics surrounding in-the-wild abuse of the flaw is presently not known, Numen Cyber has deconstructed the patch released by Microsoft to craft a proof-of-concept exploit for Windows Server 2016.
The Singapore-based cybersecurity company said the vulnerability relied on the leaked kernel handle address in the heap memory to ultimately obtain a read-write primitive.
Numen Cyber distinguishes itself from typical Web3 security companies by emphasizing the need for advanced security capabilities, specifically focusing on OS-level security attack and defense capabilities.
News URL
https://thehackernews.com/2023/06/experts-unveil-poc-exploit-for-recent.html
Related news
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Security pros baited with fake Windows LDAP exploit traps (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability (source)
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)