In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild.
While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on April 1, 2024. This document caught the researchers attention because it had a rather descriptive file name, which indicated that it contained information about a vulnerability in Windows OS. Inside there the researchers found a brief description of a Windows Desktop Window Manager (DWM) vulnerability and how it could be exploited to gain system privileges, everything written in very brok
Read more…
Source: Kaspersky
Related:
- Open-source Kubernetes tool Argo CD has a high-severity path traversal flaw: Patch now
February 4, 2022
A zero-day vulnerability in open-source Kubernetes development tool Argo lets malicious people steal passwords from git-crypt and other sensitive information by simply uploading a crafted Helm chart. Charts are the actual packaging format of ubiquitous tool-for-managing-Kubernetes applications Helm. The vuln, tracked as CVE-2022-24438, exists in Argo CD, a widely used open-source continuous delivery tool for Kubernetes. Patched ...
- Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed
February 4, 2022
Researchers have uncovered an active campaign exploiting a zero-day vulnerability in the Zimbra email platform. Zimbra is an email platform available under an open source license. According to the developer, the platform supports hundreds of millions of mailboxes located in 140 countries. On February 3, cybersecurity researchers from Volexity, Steven Adair and Thomas Lancaster, said the system ...
- UEFI firmware vulnerabilities affect at least 25 computer vendors
February 2, 2022
Researchers from firmware protection company Binarly have discovered critical vulnerabilities in the UEFI firmware from InsydeH2O used by multiple computer vendors such as Fujitsu, Intel, AMD, Lenovo, Dell, ASUS, HP, Siemens, Microsoft, and Acer. UEFI (Unified Extensible Firmware Interface) software is an interface between a device’s firmware and the operating system, which handles the booting process, ...
- Cloudflare launches a paid public bug bounty program
February 1, 2022
Cloudflare, an American company focused on web infrastructure and website security, has announced the launch of a new public bug bounty program. “Today we are launching Cloudflare’s paid public bug bounty program,” said Rushil Shah, a Product Security Engineer at Cloudflare. Read more… Source: Bleeping Computer
- Update now: Samba prior to 4.13.17 hit with remote root code execution bug
February 1, 2022
Samba has fixed a vulnerability in all versions of its software prior to version 4.13.17 that allowed for a remote actor to execute code as root, thanks to an out-of-bounds heap read write vulnerability. “The specific flaw exists within the parsing of EA metadata when opening files in smbd. Access as a user that has write ...
- CISA adds 8 vulnerabilities to list of actively exploited bugs
January 31, 2022
The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they’re a mix of old and new. The goal of publishing these vulnerabilities is to raise awareness and remind federal organizations of their obligation to apply security updates ...