"North Korean Hackers Exploit Windows Kernel Zero-Day for Months"

TL;DR Summary
Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was being exploited as a zero-day by the North Korean state hacking group Lazarus. The vulnerability impacts multiple versions of Windows and allows local attackers to gain SYSTEM privileges without user interaction. Lazarus exploited the flaw to gain kernel-level access, turn off security tools, and deploy a new remote access trojan (RAT). Windows users are advised to install the February 2024 Patch Tuesday updates to block these attacks.
- Windows Kernel bug fixed last month exploited as zero-day since August (BleepingComputer)
- Lazarus Group observed exploiting an admin-to-kernel Windows zero-day (SC Media)
- Microsoft Zero-Day Used by Lazarus in Rootkit Attack (Dark Reading)
- Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks (The Hacker News)
- North Korean hackers exploit Windows zero-day flaw (The Record from Recorded Future News)