A newly disclosed Windows local privilege-escalation vulnerability, dubbed LegacyHive, could allow a standard user to load and modify the per-user registry classes hive of an administrator account. The proof-of-concept (PoC), published by researcher NightmareEclipse under the MSNightmare/LegacyHive GitHub repository, abuses Windows’ User Profile Service to mount a target user’s UsrClass.dat hive into a registry location […] The post LegacyHive Windows Zero-Day Lets Attackers Hijack Administrator Registry Hives appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/legacyhive-windows-zero-day/
![]()

