Recent Windows ALPC zero-day has been exploited in the wild for almost a week

Two days after a security researcher released details and proof-of-concept code about an unpatched Windows zero-day, one malware group had already incorporated the vulnerability in their exploit chain and was attempting to infect users around the globe.

The zero-day used in this malware distribution campaign is a (still-unpatched) vulnerability in the Windows Task Scheduler feature, affecting the Advanced Local Procedure Call (ALPC) function.

Details about this vulnerability were released on August 27, on Twitter and GitHub, along with a fully working proof-of-concept exploit.

Read more…
Source: ZDNet