In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild.
While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on April 1, 2024. This document caught the researchers attention because it had a rather descriptive file name, which indicated that it contained information about a vulnerability in Windows OS. Inside there the researchers found a brief description of a Windows Desktop Window Manager (DWM) vulnerability and how it could be exploited to gain system privileges, everything written in very brok
Read more…
Source: Kaspersky
Related:
- QNAP warns severe Linux bug affects most of its NAS devices
March 14, 2022
Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed ‘Dirty Pipe’ that allows attackers with local access to gain root privileges. The ‘Dirty Pipe’ security bug affects Linux Kernel 5.8 and later versions, even on Android devices. If successfully exploited, it allows non-privileged ...
- Dirty Pipe Privilege Escalation Vulnerability in Linux
March 10, 2022
CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review (CVE-2022-0847) and update to Linux kernel versions 5.16.11, 5.15.25, and 5.10.102 or later. Read more… Source: U.S. ...
- Millions of APC Smart-UPS devices vulnerable to TLStorm
March 9, 2022
If you’re managing a smart model from ubiquitous uninterrupted power supply (UPS) device brand APC, you need to apply updates now – a set of three critical zero-day vulnerabilities are making Smart-UPS devices a possible entry point for network infiltration. The vulnerabilities, dubbed “TLStorm” were found in Schneider Electric’s APC Smart-UPS products by security firm Armis, ...
- Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities
March 8, 2022
In February 2021, Google announced Autopilot, a new mode of operation in Google Kubernetes Engine (GKE). With Autopilot, Google provides a “hands-off” Kubernetes experience, managing cluster infrastructure for the customer. The platform automatically provisions and removes nodes based on resource consumption and enforces secure Kubernetes best practices out of the box. In June 2021, Unit 42 ...
- Microsoft March 2022 Patch Tuesday: 71 vulnerabilities fixed
March 8, 2022
Microsoft has released 71 security fixes for software, including 41 patches for Microsoft Windows vulnerabilities, five vulnerabilities in Microsoft Office and two in Microsoft Exchange. Two of the vulnerabilities are rated critical — CVE-2022-22006 and CVE-2022-24501 — while the rest are rated important. In the Redmond giant’s latest round of patches, usually released on the second Tuesday ...
- Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
March 7, 2022
Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, researchers decided to take an even closer look at two of these vulnerabilities — CVE-2021-21748 and CVE-2021-21745 — to show how they could be chained together by an ...