New Windows LegacyHive 0-Day Vulnerability Allows Hackers to Gain Admin Access

A Windows zero-day vulnerability, dubbed LegacyHive (MSNightmare), abuses the User Profile Service to enable local privilege escalation, tampering with administrator accounts, and admin-level code execution. LegacyHive targets the Windows User Profile Service (ProfSvc), which is responsible for loading and unloading user profiles and their registry hives during logon and logoff. The public proof‑of‑concept (PoC) from the […]

The post New Windows LegacyHive 0-Day Vulnerability Allows Hackers to Gain Admin Access appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: