Security News > 2024 > June > Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
2024-06-12 11:11
Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new findings from Symantec. The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve SYSTEM
News URL
https://thehackernews.com/2024/06/black-basta-ransomware-may-have.html
Related news
- New Windows Server 2012 zero-day gets free, unofficial patches (source)
- BT unit took servers offline after Black Basta ransomware breach (source)
- New Windows zero-day exposes NTLM credentials, gets unofficial patch (source)
- Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering (source)
- Cleo patches zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2024-26169 | Unspecified vulnerability in Microsoft products Windows Error Reporting Service Elevation of Privilege Vulnerability | 0.0 |