Jump to content
  • CISA orders agencies to patch Windows, iOS bugs used in attacks

    alf9872000

    • 405 views
    • 2 minutes
     Share


    • 405 views
    • 2 minutes

    CISA added two new vulnerabilities to its list of security bugs exploited in the wild today, including a Windows privilege escalation vulnerability and an arbitrary code execution flaw affecting iPhones and Macs.

     

    The elevation of privileges bug in the Windows Common Log File System Driver is tracked as CVE-2022-37969, enabling local attackers to gain SYSTEM privileges following successful exploitation.

     

    Microsoft patched the vulnerability discovered and reported by researchers at DBAPPSecurity, Mandiant, CrowdStrike, and Zscaler during the September 2022 Patch Tuesday.

     

    "We found this 0Day bug during a proactive Offensive Task Force exploit hunting mission. An escalation of privilege (EOP) exploit was found in the wild, exploiting this Common Log File System (CLFS) vulnerability," Dhanesh Kizhakkinan, Senior Principal Vulnerability Engineer at Mandiant, told BleepingComputer.

     

    "The exploit seems to stand-alone and not part of a chain (like browser + EOP)."

     

    Apple also patched the arbitrary code execution vulnerability (CVE-2022-32917) on Monday and confirmed that it was exploited in attacks as a zero-day bug in the iOS and macOS kernel.

     

    This was the eighth zero-day used in the wild that Apple addressed since the start of the year, all of them most likely used only in highly-targeted attacks.

    Federal agencies ordered to patch within three weeks

    binding operational directive (BOD 22-01) issued in November 2021 says that all Federal Civilian Executive Branch Agencies (FCEB) agencies have to secure their networks against bugs added to CISA'sCISA's catalog of Known Exploited Vulnerabilities (KEV).

     

    CISA has given Federal Civilian Executive Branch Agencies (FCEB) agencies three weeks, until October 10th, to address these two security flaws and block attacks that could target their systems.

     

    Even though the directive only applies to U.S. federal agencies, the cybersecurity agency strongly urged all orgs to fix the Windows privilege escalation and the Apple Kernel code execution flaws to thwart exploitation attempts.

     

    "These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise," CISA warned today.

     

    Since BOD 22-01 was issued, CISA has added over 800 security flaws to the catalog of bugs exploited in the wild, requiring federal agencies to address them on a tighter schedule to block attacks and potential security breaches.

     

    Source: Bleeping Computer

    https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-windows-ios-bugs-used-in-attacks/

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...