"North Korean Hackers Exploit Windows Kernel Zero-Day for Months"
Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was being exploited as a zero-day by the North Korean Lazarus state hackers. The vulnerability impacts multiple versions of Windows and allows local attackers to gain SYSTEM privileges without user interaction. Lazarus exploited the flaw to gain kernel-level access, turn off security tools, and deploy a new remote access trojan (RAT) malware. Windows users are advised to install the February 2024 Patch Tuesday updates to block these attacks.