Threat actors have been targeting a government institution in Eastern Europe by taking advantage of CVE-2019-1132, which is one of the two Windows zero-days fixed by Microsoft as part of this month’s Patch Tuesday, ESET researchers report.
The hacking group, known as Buhtrap, abused the privilege escalation flaw in a June campaign. The attackers infected the organization’s systems with malware that could then operate with maximum privileges.
Read more: Buhtrap Group Used Windows Zero-Day in Government Attack