HomeVulnerabilityMicrosoft patches privilege escalation flaw exploited since 2023

Microsoft patches privilege escalation flaw exploited since 2023

The ESET researchers stated the exploit was first seen within the wild in 2023, when it was deployed on computer systems by way of a backdoor program dubbed PipeMagic. First found in 2022, PipeMagic is a plugin-based malware first used towards organizations in Asia and final 12 months towards entities from Saudi Arabia. Within the final marketing campaign, the malware was distributed by way of a pretend ChatGPT utility written in Rust.

“The exploit targets Home windows 8.1 and Server 2012 R2,” the ESET researchers stated on X. “The vulnerability impacts OSes launched earlier than Home windows 10 construct 1809, together with nonetheless supported Home windows Server 2016. It doesn’t have an effect on more moderen Home windows OSes comparable to Home windows 11.”

Whereas not remotely exploitable, privilege escalation flaws are worthwhile to attackers who handle to trick customers into executing malware as a result of they permit a full system takeover, on this case with SYSTEM privileges.

See also  Copilot is prepared for takeoff: Microsoft rolls out synthetic intelligence for Home windows
- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular