"PoC Released for Windows Win32k Bug Exploited in Attacks"

Researchers have published a proof-of-concept (PoC) exploit for an actively exploited Windows local privilege escalation flaw. The Win32k subsystem manages the operating system's window manager, screen output, input, and graphics, as well as functions as an interface between various types of input hardware. Therefore, exploiting vulnerabilities of this type typically results in elevated privileges or code execution. Avast discovered the vulnerability, tracked as CVE-2023-29336, with a CVSS score of 7.8. It allows low-privileged users to gain Windows SYSTEM privileges. Avast reported that they noticed the vulnerability after it had been actively exploited in zero-day attacks. The Cybersecurity and Infrastructure Security Agency (CISA) published an alert and added the vulnerability to its "Known Exploited Vulnerabilities" catalog. A month after a patch became available for the flaw, security analysts at the Web3 cybersecurity company Numen released complete technical details of the vulnerability and a PoC exploit for Windows Server 2016. This article continues to discuss the release of a PoC exploit for the Windows Win32k bug.

Bleeping Computer "PoC Released for Windows Win32k Bug Exploited in Attacks"