Microsoft patches zero-day bug used for QakBot malware distribution

techradar.com

Microsoft's May Patch Tuesday update fixes a zero-day vulnerability used to distribute QakBot malware. CVE-2024-30051, a privilege escalation flaw in Desktop Window Manager, allows threat actors to gain SYSTEM privileges. Kaspersky discovered the vulnerability and linked it to QakBot activity. QakBot, a banking trojan from 2008, evolved into a dropper for additional malware. Despite a previous takedown, QakBot resurfaced targeting the hospitality industry.


With a significance score of 3.4, this news ranks in the top 8.1% of today's 28922 analyzed articles.

Get summaries of news with significance over 5.5 (usually ~10 stories per week). Read by 10,000+ subscribers:


Microsoft patches zero-day bug used for QakBot malware distribution | News Minimalist