All articles tagged with #windows kernel
Microsoft released security patches for 63 vulnerabilities, including a actively exploited Windows Kernel zero-day (CVE-2025-62215) that could allow privilege escalation, along with other critical flaws in graphics, Linux subsystem, and Kerberos, emphasizing ongoing threats and the importance of timely updates.
Microsoft's November 2025 Patch Tuesday addresses 63 security flaws, including one actively exploited zero-day in the Windows Kernel, with critical updates for various vulnerabilities across Microsoft products. The update emphasizes the importance of upgrading from unsupported Windows 10 to Windows 11 and highlights recent security patches from other vendors. A webinar on modern patch management is also promoted.
The Lazarus Group exploited a recently patched Windows Kernel flaw, CVE-2024-21338, as a zero-day to gain kernel-level access and disable security software on compromised hosts. This allowed them to run the FudModule rootkit, which can disable security solutions and manipulate Windows components. The attack showcases the group's technical sophistication and cross-platform focus, as they also target Apple macOS systems. This incident highlights the ongoing threat posed by the Lazarus Group as one of the most prolific and advanced persistent threat actors in the cybersecurity landscape.