A newly-patched vulnerability in Windows operating system is being actively exploited in the wild. The flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE) It’s being used in advanced persistent threat (APT) campaigns targeting 64-bit versions of Windows. The attackers are using the bug to establish persistent backdoors to targeted machines, gaining the ability to run arbitrary code in kernel mode. Microsoft pushed out a patch last week, so users should update their systems as soon as possible.
Source: https://threatpost.com/windows-zero-day-active-exploits/143820/