Microsoft addresses 70 vulnerabilities in February 2022 Patch Tuesday

Microsoft addresses 70 vulnerabilities in their February 2022 Patch Tuesday release. While none of the vulnerabilities in this month’s Microsoft release cycle have been rated critical, several have been given a high-risk rating (CVSSv3.1 score of 7.0 – 8.9). As of this writing, none of this month’s list of vulnerabilities is known to …

Microsoft’s New Zero-day Windows Local Privilege Escalation Vulnerability (CVE-2021-41379)

Attackers are actively exploiting a zero-day vulnerability in Windows Installer. The vulnerability was found after a Microsoft patch for another security weakness failed to adequately repair the initial and unrelated bug. A security researcher found this Windows Installer Elevation of Privilege vulnerability, tracked as CVE-2021-41379. The vulnerability allows threat actors with limited access to a compromised device to elevate …

Microsoft Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527)

A zero-day exploit that allows authenticated users with a regular Domain User account to gain full SYSTEM-level privileges was observed on June 29, 2021 on a fully patched Windows system. Named PrintNightmare and tracked as CVE-2021-34527, it was disclosed by Microsoft on July 1, 2021. PrintNightmare (CVE-2021-34527) is a vulnerability that allows an attacker with a …

Microsoft Windows June 2021 Zero-day Vulnerabilities

On June 2021 Patch Tuesday, Microsoft addressed 50 vulnerabilities; of these, 5 were critical and 45 were important bugs. 3 vulnerabilities were previously known, and 6 are being actively exploited by attackers. The 6 exploited vulnerabilities are: CVE-2021-31955, CVE-2021-31956, CVE-2021-33739, CVE-2021-33742, CVE-2021-31199, and CVE-2021-31201. CVE-2021-31955 and CVE-2021-31956 are Windows Kernel Information Disclosure vulnerability …

Microsoft Windows HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2021-31166)

As part of their usual Patch Tuesday process, Microsoft has released patches to mitigate security flaws in products such as Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. A new Windows network Remote Code Execution (RCE) zero-day exploit, CVE-2021-31166, has been in the news since Patch Tuesday. …

Zero Days In-the-Wild Series (CVE-2020-6418, CVE-2020-0938, CVE-2020-1020, CVE-2020-1027)

On January 12, 2021, Google Project Zero published a six-part report on a hacking operation targeting Windows and Android devices. Exploit servers in the hacking operation contained 4 Google Chrome vulnerabilities, 2 sandbox escape exploits and publicly known privilege escalation n-day exploits. Of these, 4 were still zero-days at the time of discovery. Following …

Microsoft Windows Critical RCE Vulnerability – Bad Neighbor (CVE-2020-16898)

Multiple vulnerabilities were addressed in Microsoft Patch Tuesday, October 2020. This blog discusses the most critical of them, CVE-2020-16898, which makes the Windows TCP/IP driver vulnerable. It eventually causes Denial of Service (DoS) and is said to be a potential Remote Code Execution (RCE) if combined with other exploits. This CVE is …

Microsoft Windows Netlogon Privilege Escalation Vulnerability (CVE-2020-1472)

A severe bug identified as CVE-2020-1472 with a criticality of 10 is being exploited publicly in the wild. This bug lets a remote unauthenticated user take over Windows Servers running as Domain Controllers with domain-level privileges. A Dutch team, collectively known as Secura, has published an exploit on GitHub with a technical writeup. According …

Zero-Day Vulnerabilities in Microsoft (CVE-2020-1464, CVE-2020-1380)

For August 2020 Patch Tuesday, Microsoft has rolled out 120 security updates across 13 different products including Windows, Edge (EdgeHTML-based and Chromium-based), Office, Internet Explorer (IE), ChakraCore and Developer Tools such as .NET Framework, ASP.NET, and Visual Studio. Out of these vulnerabilities, 17 are classified as Critical and 103 are classified as Important. The 17 …

Microsoft Windows Elevation of Privilege Vulnerability (CVE-2020-1313)

On June 9th 2020, Microsoft issued a security advisory addressing an Elevation of Privilege vulnerability (CVE-2020-1313) in the Windows Update Orchestrator Service that has a CVSS score of 7.8 and severity marked as Important. Vulnerability Details: Windows Update Orchestrator Service is a DCOM service which is used by other components to install Windows updates that are already …