zero-day exploit
Kaspersky Discovers Zero-Day Exploit in Desktop Window Manager
Sourced from International IDEA Kaspersky has discovered another zero-day exploit, however, researchers are currently unable to link this exploit to any known threat actor. This kind of vulnerability is basically an unknown software bug – upon identification and discovery, they allow attackers to conduct malicious activities in the shadows, resulting in unexpected and destructive consequences. While analysing the CVE-2021-1732 exploit, Kaspersky researchers found another such zero-day exploit and reported it to Microsoft in February. After confirmation that it is indeed a zero-day, it received the designation CVE-2021-28310. According to the researchers, this exploit is used in the wild, potentially by several threat actors. It is an escalation of privilege (EoP) exploit, found in Desktop ...
