Malware creators are already developing tools with a fresh exploit that exploits a zero-day vulnerability, which was recently publicly reported by security researcher Abdelhamid Naceri. Jaeson Schultz, CTO of the Cisco Talos Security Intelligence & Research Group, said his team has discovered the first malware samples that attempt to exploit the new vulnerability.
Nick Biasini, head of public relations for Cisco Talos, says the exploitation attempts are part of small attacks that are likely to test and tune hacking tools rather than full-scale campaigns. According to him, this is another testament to how quickly attackers are working to turn a publicly available exploit into a weapon.
As a reminder, a vulnerability discovered by Naseri allows obtaining the highest system privileges on computers running all supported versions of Windows 10, Windows 11 and Windows Server. Using this vulnerability, attackers with limited access to compromised systems can easily elevate their privileges to gain complete control over the victim’s computer. Naseri himself states that the best and only way to fix the vulnerability is to wait for the release of a Microsoft security patch.