Ransomware crew may have exploited Windows make-me-admin bug as a zero-day post, juni 12, 2024juni 13, 2024 The Black Basta ransomware gang may have exploited a now-patched Windows privilege escalation bug as a zero-day, according to Symantec’s threat hunters. Microsoft plugged the hole in the Windows Error Reporting Service in the March Patch Tuesdsay, and warned orgs that the vulnerability, tracked as CVE-2024-26169, could allow an attacker to elevate privileges to the all-powerful SYSTEM level during an attack. An intruder could use that flaw to go from compromising an individual user account to taking over the whole box as an administrator, for instance. Ransomware crew may have exploited Windows EoP bug as 0-day • The Register: Ransomware crew may have exploited Windows make-me-admin bug as a zero-day ransomware 2024