Microsoft fixed an old security vulnerability in Windows that had been bothering users for a long time
March 11, 2024
According to Avast, it was actively used by North Korean hackers affiliated with the Lazarus group. The vulnerability was linked to the appid.sys driver in the AppLocker utility.
Why was it dangerous?
Exploiting this flaw allowed attackers with system access to escalate their privileges to the SYSTEM level without any interaction with the victim. The vulnerability affected devices running various versions of Windows, including Windows 11, Windows 10, Windows Server 2022 and Windows Server 2019.
Avast explained that exploiting CVE-2024-21338 requires attackers to log into the system and then launch a specially crafted application designed to exploit the vulnerability and take control of the device.
According to Avast’s findings, the Lazarus group has been exploiting this vulnerability since at least August last year. Exploiting this flaw allowed attackers to gain kernel-level privileges and disable defense mechanisms on compromised systems. They then introduced the FudModule rootkit into the affected systems undetected, which allowed them to manipulate kernel objects in various ways.
I’m Sandra Torres, a passionate journalist and content creator. My specialty lies in covering the latest gadgets, trends and tech news for Div Bracket. With over 5 years of experience as a professional writer, I have built up an impressive portfolio of published works that showcase my expertise in this field.