gabe_k
Boris LarinWe managed to find this 0-day twice! First as a description of a vulnerability, then as a real exploit used by attackers. https://securelist.com/cve-2024-30051/112618/
QakBot attacks with Windows zero-day (CVE-2024-30051)
In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft's patch Tuesday. We have seen it exploited by QakBot and other malware.