A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month’s release of security updates. The bug affects both 32- and 64-bit Windows 7 and Server 2008 systems; it stems from improper handling of calls to Win32k.sys. The exploit was executed by the first stage of a malware installer, in order to gain the necessary privileges for persistence on the victim s system.
Source: https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-exploited-in-cyber-attacks/