Microsoft today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used in active attacks online, and four of the flaws were disclosed publicly before today - potentially giving adversaries a head start in figuring out how to exploit them.

Among the zero-day bugs is CVE-2021-42292, a “security feature bypass” problem with Microsoft Excel versions 2013-2021 that could allow attackers to install malicious code just by convincing someone to open a booby-trapped Excel file (Microsoft says Mac versions of Office are also affected, but several places are reporting that Office for Mac security updates aren’t available yet).

Microsoft’s revised, more sparse security advisories don’t offer much detail on what exactly is being bypassed in Excel with this flaw. But Dustin Childs over at Trend Micro’s Zero Day Initiative says the vulnerability is likely due to loading code that should be limited by a user prompt - such as a warning about external content or scripts - but for whatever reason that prompt does not appear, thus bypassing the security feature.

The other critical flaw patched today that’s already being exploited in the wild is CVE-2021-42321, yet another zero-day in Microsoft Exchange Server. You may recall that earlier this year a majority of the world’s organizations running Microsoft Exchange Servers were hit with four zero-day attacks that let thieves install backdoors and siphon email.

As Exchange zero-days go, CVE-2021-42321 appears somewhat mild by comparison. Unlike the four zero-days involved in the mass compromise of Exchange Server systems earlier this year, CVE-2021-42321 requires the attacker to be already authenticated to the target’s system. Microsoft has published a blog post/FAQ about the Exchange zero-day here.

Two of the vulnerabilities that were disclosed prior to today’s patches are CVE-2021-38631 and CVE-2021-41371. Both involve weaknesses in Microsoft’s Remote Desktop Protocol (RDP, Windows’ built-in remote administration tool) running on Windows 7 through Windows 11 systems, and on Windows Server 2008-2019 systems. The flaws let an attacker view the RDP password for the vulnerable system.

“Given the interest that cybercriminals - especially ransomware initial access brokers - have in RDP, it is likely that it will be exploited at some point,” said Allan Liska, senior security architect at Recorded Future.

Liska notes this month’s patch batch also brings us CVE-2021-38666, which is a Remote Code Execution vulnerability in the Windows RDP Client.

“This is a serious vulnerability, labeled critical by Microsoft,” Liska added.