Summary
A new Windows 0-day exploit, dubbed HiveLegacy, has been published by a researcher, allowing low-privilege accounts to make sensitive changes to administrator accounts, coinciding with Microsoft's release of a record number of security patches. This exploit targets a vulnerability in the Windows User Profile Service and is reportedly sending Microsoft scrambling to issue another patch.