Critical Windows Kernel Zero‑Day Weaponized Against Banks in NA and EU

Microsoft’s Security Response Center has disclosed a critical zero‑day vulnerability in the Windows kernel that grants attackers system‑level privileges without any user interaction. The flaw can be triggered remotely and has been confirmed as actively exploited in the wild.

Telemetry shows the exploit is being used in highly focused campaigns targeting financial institutions across North America and Europe. Threat actors leverage the privilege escalation to install ransomware, exfiltrate credentials, and move laterally within the network.

Defenders must prioritize applying Microsoft’s out‑of‑band patch immediately, enforce strict application allow‑lists, and monitor for known IOCs such as unusual kernel‑mode driver loads and anomalous privileged process creation. Assume compromise on any unpatched system and conduct rapid incident response to contain potential breaches.
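The two monitoring signals named above can be turned into a first-pass triage filter. The following is an added example, not code from Microsoft or the original article: it assumes events exported as dictionaries with Sysmon-style field names (Event ID 6 for driver loads, Event ID 1 for process creation), and the sample events, directory list and thresholds are constructed for illustration.

```python
# Constructed events modeled on Sysmon Event ID 6 (driver load) and
# Event ID 1 (process creation); field names follow Sysmon, values are invented.
SYSTEM = r"NT AUTHORITY\SYSTEM"
# Assumption: drivers normally load from these directories; tune per fleet.
DRIVER_DIRS = ("c:\\windows\\system32\\drivers\\",
               "c:\\windows\\system32\\driverstore\\")

SAMPLE_EVENTS = [
    {"EventID": 6, "ImageLoaded": r"C:\Windows\System32\drivers\tcpip.sys",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"EventID": 6, "ImageLoaded": r"C:\Users\Public\upd.sys",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"EventID": 1, "Image": r"C:\Windows\System32\svchost.exe",
     "User": SYSTEM, "ParentImage": r"C:\Windows\System32\services.exe",
     "ParentUser": SYSTEM},
    {"EventID": 1, "Image": r"C:\Windows\System32\cmd.exe",
     "User": SYSTEM, "ParentImage": r"C:\Users\alice\Downloads\viewer.exe",
     "ParentUser": r"CORP\alice"},
]

def check_driver_load(ev):
    """Reasons a driver load looks unusual (empty list = nothing flagged)."""
    reasons = []
    if ev.get("Signed", "").lower() != "true" or ev.get("SignatureStatus") != "Valid":
        reasons.append("unsigned or invalid signature")
    if not ev.get("ImageLoaded", "").lower().startswith(DRIVER_DIRS):
        reasons.append("loaded from outside the driver directories")
    return reasons

def check_process_create(ev):
    """Flag a SYSTEM process whose parent runs as an ordinary user."""
    parent_user = ev.get("ParentUser")
    if ev.get("User") == SYSTEM and parent_user and parent_user != SYSTEM:
        return [f"SYSTEM process spawned by {parent_user}"]
    return []

CHECKS = {6: check_driver_load, 1: check_process_create}

def triage(events):
    """Return (event_id, image, reasons) for every event that trips a check."""
    alerts = []
    for ev in events:
        reasons = CHECKS.get(ev.get("EventID"), lambda _e: [])(ev)
        if reasons:
            alerts.append((ev["EventID"], ev.get("ImageLoaded") or ev.get("Image"), reasons))
    return alerts

if __name__ == "__main__":
    for alert in triage(SAMPLE_EVENTS):
        print(alert)
```

Hits from a filter like this are leads for an analyst, not verdicts: legitimate software can load drivers from unusual paths, so baseline each rule against the fleet before alerting on it.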

Categories: Vulnerabilities & Exploits, Threat Intelligence
