Crooks are exploiting four Microsoft vulnerabilities – one patched 14 years ago and another tied to ransomware activity – according to America’s lead cyber-defense agency, which on Monday gave federal agencies two weeks to patch them.
The four vulnerabilities added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on Monday are: CVE-2025-60710, a link-following vulnerability in Windows that allows privilege escalation. After initially disclosing this bug in November 2025, Redmond fully fixed it a month later. CVE-2023-36424, a Windows Common Log File System Driver flaw that allows privilege escalation. Microsoft patched this one in November 2023.
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Magniber ransomware gang now exploits Internet Explorer flaws in attacks
November 11, 2021
The Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their devices. The two Internet Explorer vulnerabilities are tracked as CVE-2021-26411 and CVE-2021-40444, with both having a CVSS v3 severity score of 8.8. The first one, CVE-2021-26411, was fixed in March 2021 and is a memory corruption flaw ...
- Massive Zero-Day Hole Found in Palo Alto Security Appliances
November 10, 2021
UPDATE: Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects what Palo Alto clarified is an estimated 10,000 VPN/firewalls. Researchers have developed a working exploit to gain remote code execution (RCE) via a massive vulnerability in a security appliance from Palo Alto Networks (PAN), potentially leaving 10,000 vulnerable ...
- Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access
November 10, 2021
A critical security bug in the Citrix Application Delivery Controller (ADC) and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate. The two affected Citrix products (formerly the NetScaler ADC and Gateway) are used for application-aware traffic management and secure remote access, respectively. The federated working specialist pushed out a security ...
- A set of vulnerabilities in TCP/IP stacks could leave millions of connected medical devices open to attack
November 9, 2021
Critical vulnerabilities in millions of connected devices used in hospital networks could allow attackers to disrupt medical equipment and patient monitors, as well as Internet of Things devices that control systems and equipment throughout facilities, such as lighting and ventilation systems. The vulnerable TCP/IP stacks – communications protocols commonly used in connected devices – are also ...
- Multiple BusyBox Security Bugs Threaten Embedded Linux Devices
November 9, 2021
Researchers have discovered 14 critical vulnerabilities in a popular program used in embedded Linux applications, all of which allow for denial of service (DoS) and 10 that also enable remote code execution (RCE), they said. One of the flaws also could allow devices to leak info, according to researchers from JFrog Security and Claroty Research, in ...
- Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
November 7, 2021
On Sept. 16, 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) released an alert warning that advanced persistent threat (APT) actors were actively exploiting newly identified vulnerabilities in a self-service password management and single sign-on solution known as ManageEngine ADSelfService Plus. The alert explained that malicious actors were observed deploying a specific webshell and ...