Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-38106)

A new “Windows Kernel Elevation of Privilege Vulnerability” (CVE-2024-38106), which allows a remote attacker to achieve privilege escalation, is being actively exploited by malicious actors in the wild. Successful exploitation enables an authenticated attacker to gain SYSTEM-level privileges, thereby gaining full control over the affected machine.

Departments or users are urged to apply the latest patch immediately for remediation.

 

Vulnerability

  • Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-38106)

 

Severity Level

  • High

 

Affected Products

  • Windows Servers:
    • Windows Server 2022, 23H2 Edition (Server Core installation)
    • Windows Server 2022 (Server Core installation)
    • Windows Server 2022
    • Windows Server 2019 (Server Core installation)
    • Windows Server 2019
    • Windows Server 2016 (Server Core installation)
    • Windows Server 2016
  • Windows Clients:
    • Windows 11 Version 24H2 for x64-based Systems / ARM64-based Systems
    • Windows 11 Version 23H2 for x64-based Systems / ARM64-based Systems
    • Windows 11 Version 22H2 for x64-based Systems / ARM64-based Systems
    • Windows 11 Version 21H2 for x64-based Systems / ARM64-based Systems
    • Windows 10 Version 22H2 for 32-bit Systems / x64-based Systems / ARM64-based Systems
    • Windows 10 Version 21H2 for 32-bit Systems / x64-based Systems / ARM64-based Systems
    • Windows 10 Version 1809 for 32-bit Systems / x64-based Systems / ARM64-based Systems
    • Windows 10 Version 1607 for 32-bit Systems / x64-based Systems
    • Windows 10 for 32-bit Systems / x64-based Systems

 

Indicators of Compromise

  • voyagorclub[.]space
  • weinsteinfrog[.]com

 

Remediation

 

Reference

 

Enquiry

 

 

Published on: 06 Sep 2024