Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to … [Read more...] about Microsoft’s Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability
vulnerability
How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare
This week, PrintNightmare - Microsoft's Print Spooler vulnerability (CVE-2021-34527) was upgraded from a 'Low' criticality to a 'Critical' criticality. This is due to a Proof of Concept published on GitHub, which attackers could potentially leverage for gaining access to Domain Controllers. As we reported earlier, Microsoft already released a patch in June 2021, but it wasn't … [Read more...] about How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare
New UAF Vulnerability Affecting Microsoft Office to be Patched Today
Four security vulnerabilities discovered in the Microsoft Office suite, including Excel and Office online, could be potentially abused by bad actors to deliver attack code via Word and Excel documents. "Rooted from legacy code, the vulnerabilities could have granted an attacker the ability to execute code on targets via malicious Office documents, such as Word, Excel and … [Read more...] about New UAF Vulnerability Affecting Microsoft Office to be Patched Today
New High-Severity Vulnerability Reported in Pulse Connect Secure VPN
Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges. "Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code … [Read more...] about New High-Severity Vulnerability Reported in Pulse Connect Secure VPN
Desktop Window Manager vulnerability CVE-2021-28310 exploited ITW
Kaspersky researchers have found a zero-day vulnerability (CVE-2021-28310) in a Microsoft Windows component called Desktop Window Manager (DWM). We believe several threat actors have already exploited the vulnerability. Microsoft just released the patch, and we suggest applying it immediately. Here’s why. What is Desktop Window Manager? Pretty much everyone is familiar with the … [Read more...] about Desktop Window Manager vulnerability CVE-2021-28310 exploited ITW
Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now
The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning (ERP) system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "unsafe deserialization" as an … [Read more...] about Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now
Google Chrome update patches CVE-2021-21193 vulnerability
Google Chrome urgently requires an update to patch a severe vulnerability. You may be tired of updating Chrome (the latest urgent update was just last month), but it’s that time again, and with good reason: Cybercriminals have already exploited this vulnerability. What is CVE-2021-21193? On March 12, Google released stable build 89.0.4389.90 for Chrome, patching five … [Read more...] about Google Chrome update patches CVE-2021-21193 vulnerability
Zero-Click Wormable RCE Vulnerability Reported in Microsoft Teams
A zero-click remote code execution (RCE) bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and compromise a target's system. The issues were reported to the Windows maker by Oskars Vegeris, a security engineer from Evolution Gaming, on August 31, 2020, before they were addressed at … [Read more...] about Zero-Click Wormable RCE Vulnerability Reported in Microsoft Teams
Critical Jenkins Server Vulnerability Could Leak Sensitive Information
Jenkins—a popular open-source automation server software—published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed.Tracked as CVE-2019-17638, the flaw has a CVSS rating of 9.4 and impacts Eclipse Jetty versions 9.4.27.v20200227 to 9.4.29.v20200521—a … [Read more...] about Critical Jenkins Server Vulnerability Could Leak Sensitive Information
Getting more value from your endpoint security tool #5: Querying Tips for Vulnerability & Compliance
Thank you for tuning in to the fifth and final installment of this blog series. As I stated in my previous blog posts on orbital advanced search, my father was an automobile mechanic. More specifically, he was a “brakes and front-end mechanic”. On several occasions, Pops would point out the wear on a set of tires and would tell me that either the car was out of alignment, … [Read more...] about Getting more value from your endpoint security tool #5: Querying Tips for Vulnerability & Compliance