In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild.
While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on April 1, 2024. This document caught the researchers attention because it had a rather descriptive file name, which indicated that it contained information about a vulnerability in Windows OS. Inside there the researchers found a brief description of a Windows Desktop Window Manager (DWM) vulnerability and how it could be exploited to gain system privileges, everything written in very brok
Read more…
Source: Kaspersky
Related:
- Reported Critical Vulnerabilities In Microsoft Software On the Rise
February 15, 2018
The number of reported vulnerabilities in Microsoft software has mounted from 325 in 2013 to 685 last year, a rise of 111 percent, according to new research. Moreover, there has also been a 54 percent increase in critical Microsoft vulnerabilities since 2016, researchers at Avecto said in their report, which is based on data from Microsoft’s Security ...
- Cryptocurrency Mining Malware Infected Over Half-Million PCs Using NSA Exploit
January 31, 2018
2017 was the year of high profile data breaches and ransomware attacks, but from the beginning of this year, we are noticing a faster-paced shift in the cyber threat landscape, as cryptocurrency-related malware is becoming a popular and profitable choice of cyber criminals. Several cybersecurity firms are reporting of new cryptocurrency mining viruses that are being ...
- Cisco Patches Critical VPN Vulnerability
January 30, 2018
Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on affected devices. The vulnerability impacts nearly a dozen Cisco products ranging from 3000 Series ...
- Ploutus.D Malware Variant Used in U.S.-based ATM Jackpotting Attacks
January 29, 2018
The United States Secret Service issued a warning on Friday to financial institutions citing “credible information” about “planned” attacks against U.S. cash machines using malware that can quickly drain ATM machines dry of cash. The warning came a day after ATM maker Diebold Nixdorf also warned its customers of “potential” ATM Jackpotting attacks moving from Mexico to the U.S. But journalist Brian ...
- Electron critical vulnerability strikes app developers
January 24, 2018
A critical vulnerability affecting Electron desktop apps has been disclosed. Electron is a node.js, V8, and Chromium framework created for the development of cross-platform desktop apps with JavaScript, HTML, and CSS. Compatible with Mac, Linux, and Windows operating systems, the recently-discovered bug impacts Windows alone. The critical vulnerability affects Electron apps which use custom protocol handlers. Assigned the identifier CVE-2018-1000006, the vulnerability ...
- Now Meltdown patches are making industrial control systems lurch
January 15, 2018
Patches for the Meltdown vulnerability are causing stability issues in industrial control systems. SCADA vendor Wonderware admitted that Redmond’s Meltdown patch made its Historian product wobble. “Microsoft update KB4056896 (or parallel patches for other Operating System) causes instability for Wonderware Historian and the inability to access DA/OI Servers through the SMC,” an advisory on Wonderware’s support site explains. Read ...