Microsoft patches two zero-days exploited by FruityArmor, SandCat hacking groups
Both bugs are known as elevation of privilege vulnerabilities, and could allow outsiders to manipulate Windows machines into authorizing an action that should not be allowed.