In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild.
While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on April 1, 2024. This document caught the researchers attention because it had a rather descriptive file name, which indicated that it contained information about a vulnerability in Windows OS. Inside there the researchers found a brief description of a Windows Desktop Window Manager (DWM) vulnerability and how it could be exploited to gain system privileges, everything written in very brok
Read more…
Source: Kaspersky
Related:
- U.S. DoD’s Critical Infrastructure Is Dangerously Insecure
October 2, 2023
As simmering tensions in East Asia rise to a boil, the recent discovery of a Chinese penetration of the U.S. military’s telecommunication systems in Guam should be setting off alarm bells across the executive branch and in the halls of Congress. Though Chinese penetration of U.S. networks for espionage has been well documented for more than ...
- CISA Adds One Known Exploited Vulnerability to Catalog
October 2, 2023
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-5217 Google Chrome libvpx Heap Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- CISA Releases Three Industrial Control Systems Advisories
September 28, 2023
CISA released three Industrial Control Systems (ICS) advisories on September 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-271-01 Rockwell Automation PanelView 800 Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds One Known Exploited Vulnerability to Catalog
- phpPgAdmin deserialization vulnerability
September 28, 2023
phpPgAdmin is an open-source, web-based administration tool for managing PostgreSQL, an advanced, enterprise-class, and open-source relational database system. phpPgAdmin is written in PHP and provides a user-friendly interface that allows users to perform various database management tasks. Users can create, modify, and delete databases, tables, and records through this interface, making it a valuable tool ...
- 10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
September 27, 2023
Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser. Attackers could exploit these vulnerabilities to carry out a variety of attacks, in some cases gaining the ability to execute remote code on the targeted machine. Read more… Source: Cisco Talos
- CISA Releases Six Industrial Control Systems Advisories
September 26, 2023
CISA released six Industrial Control Systems (ICS) advisories on September 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-269-01 Suprema BioStar 2 ICSA-23-269-02 Hitachi Energy Asset Suite 9 ICSA-23-269-03 Mitsubishi Electric FA Engineering Software Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds Three Known Exploited Vulnerabilities to Catalog