Post from 2024-03-01 10:37:45

[Alex Plaskett @ X] RT by @alexjplaskett: #Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools.

https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/

This is CVE-2024-21338