Microsoft patched a zero-day privilege escalation bug (CVE-2024-38193) exploited by the North Korean Lazarus Group.
Microsoft patched CVE-2024-38193, a zero-day privilege escalation bug with a severity score of 7.8 that had been actively exploited by the North Korean hackers known as Lazarus Group. The flaw, in the Windows Ancillary Function Driver for WinSock (AFD.sys), granted attackers SYSTEM-level privileges on targeted machines and was used together with a rootkit called FudModule to bypass security restrictions and access sensitive system areas. Users are advised to update their systems to protect against potential threats.