Microsoft fixes Windows zero-day exploited in QakBot malware attacks By Sergiu Gatlan May 14, 2024 02:18 PM 0 Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems. Tracked as CVE-2024-30051, this privilege escalation bug is caused by a heap-based buffer overflow in the DWM (Desktop Window Manager) core library. Following successful exploitation, attackers can gain SYSTEM privileges. Desktop Window Manager ...