Recent findings by cybersecurity researchers have revealed multiple critical vulnerabilities in Windows, allowing hackers to gain rootkit-like capabilities. These flaws, specifically CVE-2022-38028, have been exploited by Kremlin-backed hackers, including the notorious APT28 group, using a post-compromise tool named GooseEgg. The vulnerabilities, which trace back from DOS to NT systems, have raised significant security concerns and were highlighted in presentations at Blackhat 2024.