The vulnerability, identified as CVE-2024-38014, can be exploited by malware or a rogue user to gain SYSTEM-level privileges, effectively hijacking a PC.
SECC researcher Michael Baer pointed out that a low privileged user can exploit this vulnerability by running an .msi file, which opens a brief window for hijack.
Microsoft acknowledged that the bug is already being exploited, suggesting that either the exploit exists in the wild or SEC Consult's version works as intended.
The original plan to fix the vulnerability was postponed from May to September due to technical reasons, highlighting the complexities involved.
[
Collection
]
[
|
...
]