2024-11-29
Vulnerability :
This article describes a vulnerability (CVE-2024-30051) in the Windows Desktop Window Manager (DWM) Core Library. It allows attackers to escalate their privileges to the highest level (SYSTEM) on vulnerable systems. This vulnerability was exploited in attacks using QakBot malware.
Vulnerability Details:
Platform: Windows (10 and above), Windows Server (2016 and later)
Version: Not specified
Vulnerability: Heap-based buffer overflow in DWM Core Library
Severity: HIGH (CVSS v3 score: 7.8)
Date: Published: May 14, 2024, Last Modified: November 29, 2024
What Undercode Says:
This vulnerability is serious and has been exploited in the wild. Ensure you have installed the patch released by Microsoft in May 2024 as part of their Patch Tuesday update.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help