Attackers are exploiting CVE-2021-40444, a zero-day remote code execution vulnerability in MSHTML (the main HTML component of the Internet Explorer browser), to compromise Windows/Office, Microsoft has warned on Tuesday. Tricking victims into running malicious executables remains a popular method for getting a foothold into organizations. Numerous attempts to exploit MSHTML to compromise Microsoft Windows have … Continue reading “Microsoft Windows MSHTML Remote Code Execution Vulnerability (CVE-2021-40444)”
Tag: microsoft
Microsoft Windows Privilege Escalation Vulnerability (CVE-2021-1732)
On the second Patch Tuesday of 2021, Microsoft published advisories to address 56 new security vulnerabilities. Of these, nine were rated as critical and one is actively exploited in the wild. Elevation of Privileges in Windows Kernel (CVE-2021-1732) This bug is in the Windows Win32k operating system kernel. It allows a logged-in user to execute … Continue reading “Microsoft Windows Privilege Escalation Vulnerability (CVE-2021-1732)”
Privilege Escalation in Microsoft Windows (Zero-Day)
In June, Microsoft released a patch for a vulnerability in Windows Kernel (CVE-2020-0986), which was fixed with a patch. However, attackers could still exploit this vulnerability using a different methodology (CVE-2020-17008). CVE-2020-0986 – Old Vulnerability An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. This flaw was … Continue reading “Privilege Escalation in Microsoft Windows (Zero-Day)”
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713)
On 29th July 2020, a team of security researchers disclosed a high priority bug in GRUB2(GRand Unified Bootloader version 2) , affecting billions of Linux and Windows systems using secure boot. CVE-2020-10713 is assigned to this buffer overflow vulnerability, termed as “Boothole”. “Boothole” Secure Boot is designed to verify all the firmware of the computer … Continue reading “GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713)”
Telerik UI Remote Code Execution via Insecure Deserialization (CVE-2019-18935)
Summary: In the start of May 2020, a mischievous exploit has been out in the wild that uses two CVEs in combination to perform insecure deserialization to a vendor named Telerik. The vulnerability lies in a suite of UI components for web applications called Telerik UI for ASP.NET AJAX. The insecure deserialization of JSON objects … Continue reading “Telerik UI Remote Code Execution via Insecure Deserialization (CVE-2019-18935)”
Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)
Summary: In second week of February,2020, after MSPT, a static key vulnerability in Microsoft Exchange Control Panel (ECP), a component of Microsoft Exchange Server was observed, that leads to RCE. To perform the exploit, an authenticated user with any privilege level sends a specially crafted request to a vulnerable ECP and gain SYSTEM level arbitrary … Continue reading “Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)”
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability Alert (CVE-2020-0618)
Summary: In the month of February,2020, among MSPT, Microsoft SQL Server Reporting Services had to deal with a remote code execution vulnerability. This happens as it incorrectly handles page requests. The SSRS web application allowed low privileged user accounts to run code on the server by exploiting a deserialization issue. Description: As a initial part … Continue reading “Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability Alert (CVE-2020-0618)”
Windows Modules Installer Service Information Disclosure Vulnerability (CVE-2020-0728)
Summary: In the month of February,2020, among MSPT, Windows Modules Installer Service improperly discloses file information., resulting into an information disclosure vulnerability. Description: Logging onto an affected system and run a crafted application would lead to this information disclosure vulnerability. The TrustedInstaller service running on the Microsoft Windows operating system hosts a COM service called … Continue reading “Windows Modules Installer Service Information Disclosure Vulnerability (CVE-2020-0728)”
Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)
Summary: Recent Internet Explorer has been observed with zero-day remote code execution vulnerability attacks. To address Microsoft’s Internet Explorer (IE) web browser RCE vulnerability CVE-2020-0674 Microsoft published an advisory ADV200001. Description: jscript.dll is the vulnerable component for IE 11, and moderate for IE 9 and IE 10. Memory corruption at ease by an attacker leads … Continue reading “Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)”
Microsoft Visual Studio 2008 Express IDE XML Injection Vulnerability (Zero Day)
Summary: Recently, a security researcher disclosed a XML External Entity Injection Zero Day in Microsoft Visual Studio 2008 Express IDE. It can allow remote attackers to grap files from the victims computer, sending them to the remote attackers server. Affected Product:Visual Studio 2008 Express IDE Security Issue:Visual Studio 2008 IDE vulnerable to XML External Entity … Continue reading “Microsoft Visual Studio 2008 Express IDE XML Injection Vulnerability (Zero Day)”