Two days after a security researcher released details of an unpatched Windows zero-day, along with proof-of-concept code, one malware group had already incorporated the vulnerability into its exploit chain and was attempting to infect users around the globe.
The zero-day used in this malware distribution campaign is a (still-unpatched) vulnerability in the Windows Task Scheduler feature, affecting the Advanced Local Procedure Call (ALPC) function.
Details about this vulnerability were released on August 27, on Twitter and GitHub, along with a fully working proof-of-concept exploit.
Source: ZDNet