Security experts from ESET observed a treat actor, tracked as PowerPool, exploiting the recently disclosed Windows zero-day flaw in targeted attacks. The vulnerability resides in the Windows task scheduler program and ties to errors in the handling of Advanced Local Procedure Call (ALPC) systems. Microsoft was expected to address the vulnerability in September security Patch Tuesday, that is scheduled for September 11, but the news of live attacks exploiting the issue could force the company to roll out a patch sooner.”]
Source: https://securityaffairs.co/wordpress/75967/hacking/powerpool-group.html