North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys AppLocker driver. The zero-day, tracked as CVE-2024-21338 has been addressed by Microsoft in the February […]
This article has been indexed from Security Affairs