A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month’s release of security updates. […]

from https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-exploited-in-cyber-attacks/