Big Data

Microsoft left a Windows kernel zero-day unpatched for six months, despite knowing it was being actively exploited

Microsoft failed to update a zero-day vulnerability affecting Windows AppLocker that allowed attackers to bypass the admin-to-kernel boundary for months, despite being notified the flaw was under active exploitation, research shows.  

A report from security specialists Avast outlined the details of the vulnerability, CVE-2024-21338, as well as the exploitation activities of the Lazarus Group


This website uses cookies. By continuing to use this site, you accept our use of cookies.