Windows 0-day drops the same day Microsoft releases record number of patches
AI Generated Image

Windows 0-day drops the same day Microsoft releases record number of patches

Ars Technica technology

Key Points:

  • A new Windows zero-day exploit called HiveLegacy, published by the pseudonymous researcher NightmareEclypse, allows low-privilege users to modify administrator account registry settings, potentially enabling privilege escalation.
  • HiveLegacy targets the Windows User Profile Service by manipulating the classes registry hive, which controls file associations, thereby enabling code execution with admin privileges when the admin logs in.
  • The exploit requires knowledge of credentials for one user account and the username of a third account on the machine, but does not require initial admin rights, making it a powerful attack vector.
  • Microsoft is investigating the vulnerability but has urged researchers to follow coordinated disclosure policies; meanwhile, security experts recommend running detection scripts and monitoring specific registry and service activities to mitigate risk.
  • Analysts warn that HiveLegacy could be chained with other exploits for more direct administrative access, highlighting the severity and potential impact of this privilege escalation flaw.

Trending Business

Trending Technology

Trending Health