LegacyHive Windows Zero-Day Lets Attackers Hijack Administrator Registry Hives

A newly disclosed Windows local privilege-escalation vulnerability, dubbed LegacyHive, could allow a standard user to load and modify the per-user registry classes hive of an administrator account. The proof-of-concept (PoC), published by researcher NightmareEclipse under the MSNightmare/LegacyHive GitHub repository, abuses Windows’ User Profile Service to mount a target user’s UsrClass.dat hive into a registry location […]

The post LegacyHive Windows Zero-Day Lets Attackers Hijack Administrator Registry Hives appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Read the original article: