A zero-day exploit for Windows has been publicly disclosed, allowing low-privilege accounts to make sensitive changes to administrator accounts. This revelation comes on the same day Microsoft released a record number of security patches, highlighting the ongoing challenges the company faces in keeping its software secure. The exploit, known as HiveLegacy, has been verified by multiple researchers and is the ninth zero-day vulnerability published by the pseudonymous researcher NightmareEclypse, who has criticized Microsoft's handling of bug reports1. The fact that this exploit can be used to escalate privileges in Windows systems makes it a significant concern for system administrators. As a result, the window for patching this vulnerability is rapidly shrinking, making it essential for practitioners to assess their exposure immediately. The disclosure of this zero-day exploit underscores the need for prompt action to mitigate potential attacks.