Patched just last week, the Windows kernel bug is being used for full system takeover.
A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover.
Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE). It’s being used in advanced persistent threat (APT) campaigns, the researchers said, targeting 64-bit versions of Windows (from Windows 7 to older builds of Windows 10).
The attackers are using the bug to establish persistent backdoors to targeted machines, gaining the ability to run arbitrary code in kernel mode. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights.
Full Article.
