Windows 0-day was exploited by North Korea to install advanced rootkit

North Korean-backed hackers exploited a Windows zero-day vulnerability (CVE-2024-38193) to install advanced malware, according to researchers. Using the bypass, the hackers, identified as the Lazarus group, were able to access sensitive system areas. The exploit was used to install FudModule, a type of malware known as a rootkit, capable of disabling security defenses and operating in the deepest regions of Windows. Despite a warning from security firm Avast, Microsoft took six months to patch the vulnerability.