In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild.
While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on April 1, 2024. This document caught the researchers attention because it had a rather descriptive file name, which indicated that it contained information about a vulnerability in Windows OS. Inside there the researchers found a brief description of a Windows Desktop Window Manager (DWM) vulnerability and how it could be exploited to gain system privileges, everything written in very brok
Read more…
Source: Kaspersky
Related:
- Welcome to open source, Elon. Your Twitter code just got a CVE for shadow ban bug
April 7, 2023
The chunk of internal source code Twitter released the other week contains a “shadow ban” vulnerability serious enough to earn its own CVE, as it can be exploited to bury someone’s account of sight “without recourse.” The issue was discovered by Federico Andres Lois while reviewing the tweet recommendation engine that’s said to power Twitter’s For ...
- Apple fixes two zero-days exploited to hack iPhones and Macs
April 7, 2023
Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads. “Apple is aware of a report that this issue may have been actively exploited,” the company said when describing the issues in security advisories published on Friday. Read more… Source: Bleeping Computer
- CISA Adds One Known Exploited Vulnerability to Catalog
April 3, 2023
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. CVE-2022-27926 Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Urgent warning issued to Irish Gmail and Chrome users as hackers access personal data
April 3, 2023
People are being urged to be aware of hackers attempting to gain access to personal emails through Google Chrome with a new type of malware. Scammers are using a fake Chrome browser extension known as AF in a bid to get data from Gmail inboxes, with cybersecurity experts warning that victims of this scam were tricked ...
- CVE-2023-23397 – Microsoft Outlook Privilege Escalation
March 31, 2023
On March 14, 2023, Microsoft released a patch for CVE-2023-23397. CVE-2023-23397 is a vulnerability in the Windows Microsoft Outlook client that can be exploited by sending a specially crafted email that triggers automatically when it is processed by the Outlook client. No user interaction is required to trigger the exploit. Exploitation of the vulnerability will leak ...
- CISA Adds Ten Known Exploited Vulnerabilities to Catalog
March 30, 2023
CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2013-3163 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2014-1776 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2017-7494 Samba Remote Code Execution Vulnerability Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency