In a blog post, Microsoft explains that it recently patched a dangerous security flaw within Windows, as the firm does regularly. However, this flaw has been present for 6 months and has already been exploited by hackers. Worse still, the accesses she delivers are particularly critical.
We regularly urge you to update your Windows system — as well as the rest of your digital devices — to best protect yourself against security breaches and cyberattacks. But it happens that it is Microsoft which arrives slightly late with its fixes. This is unfortunately for the flaw called CVE-2024-21338, discovered by Avast in August 2023 and which has just been patched by the Redmond firm.
A rather astonishing lack of reaction, given the seriousness of the vulnerability. Indeed, by going through a certain Windows driver, the hacker can execute code remotely on your machine until accessing the kernel of your system, the most critical area of the latter. With this access, the hacker can do almost anything, from stealing all your data to installing malware without being detected.
On the same subject — Windows 10 and 11: Microsoft fixes significant PowerShell security flaws, an update is required
Don’t wait to update your Windows system
Obviously, with such a delay on Microsoft’s side, the hackers were quick to exploit this flaw which was open to them. According to Avast, the Lazarus hacker group, among the most dangerous on the planet, used this vulnerability to deploy its FudModule rootkit. A situation which clearly does not worry Microsoft.
“To exploit this vulnerability, an attacker would first have to log on to the system. He could then run a specially designed application to exploit this vulnerability and take control of an affected system., explains the firm in its blog post. That being said, it is easy to imagine that a hacker capable of accessing the Windows kernel would be able to open a user session remotely.
Source: Microsoft