Dark Reading

Older Versions of Windows at Risk From New Zero-Day Exploit

Cybersecurity firm ESET discovered a Windows zero-day exploit that affects older systems like Windows 7 and Server 2008. Called CVE-2019-1132, it is a privilege escalation issue linked to how the ...
Dark Reading

Novel Exploit Chain Enables Windows UAC Bypass

Researchers have flagged a weakness they're tracking as CVE-2024-6769, calling it a combination user access control (UAC) bypass/privilege escalation vulnerability in Windows. It could allow an ...
CRN

Hackers Circulate Exploit Code For Two Windows Flaws

Microsoft is aware of both exploits, but doesn't see a threat. "[We are] not currently aware of active attacks utilizing the exploit code," Microsoft spokesperson Kjersti Gunderson said.
Computerworld

Unpatched DLL bugs let hackers exploit Windows 7 and IE9, says researcher

Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today. Microsoft ...
Infosecurity-magazine.com

Hackers Exploit Privilege Escalation Flaw on Windows Backup Service

Threat actors have been observed exploiting a privilege escalation vulnerability on the Windows Backup and Restore service. "[...] CVE-2023-21752 is a vulnerability which allows a basic user to ...
Network World

Microsoft changes Windows 7 UAC due to new exploit code

A pair of Windows bloggers posted more proof-of-concept code today that subverts an important security feature of Windows 7, a problem Microsoft knew about as long ago as last October and which one of ...