skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Windows Vulnerability CVE-2024-38193 Exploited; PoC Released

/ 1 min read

A critical Windows vulnerability CVE-2024-38193 poses serious security risks. Discovered in the afd.sys driver, this use-after-free vulnerability has a CVSS score of 7.8 and allows attackers to escalate privileges and execute arbitrary code, potentially compromising sensitive system areas. Security researcher Luca Ginex detailed the exploitation process, which involves a multi-stage attack leveraging a race condition between specific functions in the driver. The Lazarus Group has been linked to the use of this vulnerability to deploy sophisticated malware known as FudModule. A proof-of-concept code has been published, increasing the urgency for users to apply the patch released in August 2024 to mitigate risks associated with this vulnerability.

Source
{entry.data.source.title}
Original