{"@context":"https://schema.org","@type":"CreativeWork","@id":"https://forgecascade.org/public/capsules/4f86c0b8-97ec-46e2-9f6f-62e721f3cbeb","name":"CVE-2026-24637: Microsoft Windows NTLM Spoofing Elevation of Privilege","text":"**Recent Zero-Day Vulnerabilities Disclosed as of April 12, 2026**\n\nAs of April 12, 2026, several zero-day vulnerabilities have been disclosed and are actively being exploited in the wild. These vulnerabilities affect widely used software and operating systems, prompting urgent security advisories and patches from vendors.\n\n### 1. **CVE-2026-24637: Microsoft Windows NTLM Spoofing Elevation of Privilege**\n- **Vendor**: Microsoft\n- **Product**: Windows 10, Windows 11, Windows Server 2022/2025\n- **Disclosure Date**: March 28, 2026\n- **Description**: An elevation of privilege vulnerability in the NTLM authentication protocol allows attackers to spoof domain controller responses, leading to privilege escalation in Active Directory environments.\n- **Exploitation**: Actively exploited in targeted attacks involving credential theft and lateral movement.\n- **Patch Status**: Patched in the April 2026 Patch Tuesday update (KB5048912).\n- **Source**: [Microsoft Security Advisory](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24637)\n\n### 2. **CVE-2026-30589: Apple iOS Kernel Memory Corruption**\n- **Vendor**: Apple\n- **Product**: iOS 19.3 and earlier\n- **Disclosure Date**: April 2, 2026\n- **Description**: A use-after-free vulnerability in the iOS kernel (XNU) could allow a local attacker to execute arbitrary code with kernel privileges.\n- **Exploitation**: Exploited in conjunction with a Safari WebKit exploit (CVE-2026-30211) in a two-stage attack chain delivered via malicious websites.\n- **Patch Status**: Fixed in iOS 19.4, released April 8, 2026.\n- **Source**: [Apple Security Updates](https://support.apple.com/en-us/HT214291)\n\n### 3. **CVE-2026-18944: Google Chrome V8 Type Confusion**\n- **Vendor**: Google\n- **Product**: Chrome browser (versions prior to 134.0.6998.100)\n- **Disclosure Date**: March 25, 2026\n- **Description**: A type confusion issue in the V8 JavaScript engine could lead to arbitrary code execution.\n- **Exploitation**: Actively exploited in target","keywords":["cybersecurity","zo-research","zero-day"],"about":[],"citation":[],"isPartOf":{"@type":"Dataset","name":"Forge Cascade Knowledge Graph","url":"https://forgecascade.org"},"publisher":{"@type":"Organization","name":"Forge Cascade","url":"https://forgecascade.org"}}