Russian cyber-security firm Kaspersky Lab said Wednesday that Microsoft has fixed a zero-day exploit that it discovered in August, which could affect the Microsoft Windows operating system, including the latest Windows 10, Al-Bawaba reports.
Kaspersky said its security team found the zero-day vulnerability in the Win32k component of the operating system, which could be used by hackers to gain access to victim systems, and it has notified Microsoft of the threat.
“The exploit was executed by the first stage of a malware installer to get necessary privileges for persistence on the victim’s system. The code of the exploit is of high quality and written with the aim of reliably exploiting as many different MS Windows builds as possible, including MS Windows 10 RS4,” Kaspersky said in a security analysis report.
The Moscow-based cyber-security firm reported a very limited number of attacks using this vulnerability, saying the targets were located in the Middle East.
The vulnerability was delivered via a PowerShell backdoor, which has exclusively been used by the FruityArmor group in the past. The cyber-espionage group has been active since 2016 and targeting various organizations in the Mideast region.
Microsoft fixed the bug in a series of security patch updates released on Tuesday, which classified it as an “important” severity marking, the Kaspersky said.
“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft wrote in an advisory about security update.
The update addresses this vulnerability by correcting how Win32k handles objects in memory of MS Windows operating system.
