Security News > 2023 > June > Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation
Details have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft disclosed in an advisory issued last month as part of Patch Tuesday updates.
Sys is a kernel-mode driver and an integral part of the Windows architecture, being responsible for graphical device interface and window management.
While the exact specifics surrounding in-the-wild abuse of the flaw is presently not known, Numen Cyber has deconstructed the patch released by Microsoft to craft a proof-of-concept exploit for Windows Server 2016.
The Singapore-based cybersecurity company said the vulnerability relied on the leaked kernel handle address in the heap memory to ultimately obtain a read-write primitive.
Numen Cyber distinguishes itself from typical Web3 security companies by emphasizing the need for advanced security capabilities, specifically focusing on OS-level security attack and defense capabilities.
News URL
https://thehackernews.com/2023/06/experts-unveil-poc-exploit-for-recent.html
Related news
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)