Lazarus Group observed exploiting an admin-to-kernel Windows zero-day
The notorious North Korea-based Lazarus Group was observed abusing an admin-to-kernel Windows zero-day exploit that, once successful, lets the threat actor carry out any number of malicious activities, including disrupting software, concealing infection indicators, and disabling kernel-mode telemetry. In a Feb. 29 blog post, researchers at Avast said Microsoft addressed this vulnerability, CVE-2024-21338, during February’s Patch Tuesday. The researchers said the goal of the exploitation was to establ...
Read more at scmagazine.com