Showing results for tags 'security patches'.

Found 3 results

  1. Google has released the Android October security updates, addressing 41 vulnerabilities, all ranging between high and critical severity.

     On the 5th of each month, Google releases the complete security patch for the Android OS which contains both the framework and the vendor fixes for that month. As such, this update also incorporates fixes for the 10 vulnerabilities that were addressed in the Security patch level 2021-10-01, released a couple of days back.

     The high-severity flaws fixed this month concern denial of service, elevation of privilege, remote code execution, and information disclosure issues.

     The three critical severity flaws in the set are tracked as:

       • CVE-2021-0870: Remote code execution flaw in Android System, enabling a remote attacker to execute arbitrary code within the context of a privileged process.
       • CVE-2020-11264: Critical flaw affecting Qualcomm’s WLAN component, concerning the acceptance of non-EAPOL/WAPI frames from unauthorized peers received in the IPA exception path.
       • CVE-2020-11301: Critical flaw affecting Qualcomm’s WLAN component, concerning the acceptance of unencrypted (plaintext) frames on secure networks.

     Critical but unexploited

     None of the 41 flaws addressed this month have been reported to be under active exploitation in the wild, so there should be no working exploits for them circulating out there.

     Older devices that are no longer supported with security updates now have an increased attack surface, as some of the vulnerabilities fixed this month are excellent candidates for threat actors to create working exploits in the future.

     Remember, Android security patches aren’t bound to Android versions, and the above fixes concern all versions from Android 8.1 to Android 11. As such, the OS version isn’t a determining factor in whether or not your device is still supported.

     If you have confirmed that your device has reached the EOL date, you should either install a third-party Android distribution that still delivers monthly security patches for your model, or replace it with a new one.

     Android fans have been eagerly waiting for the release of version 12, which was rumored for October 4, 2021, but what they got instead was the source of Android 12 pushed to the Android Open Source Project. This step signifies that the actual release is just around the corner, and OTA upgrade alerts could hit eligible devices, like the Pixel, very soon.

     Android October patch fixes three critical bugs, 41 flaws in total
  2. Today is Microsoft's September 2021 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 60 flaws.

     Microsoft has fixed 60 vulnerabilities (86 including Microsoft Edge) with today's update, with three classified as Critical, one as Moderate, and 56 as Important.

     Of the total 86 vulnerabilities (including Microsoft Edge):

       • 27 Elevation of Privilege Vulnerabilities
       • 2 Security Feature Bypass Vulnerabilities
       • 16 Remote Code Execution Vulnerabilities
       • 11 Information Disclosure Vulnerabilities
       • 1 Denial of Service Vulnerabilities
       • 8 Spoofing Vulnerabilities

     For information about the non-security Windows updates, you can read about today's Windows 10 KB5005565 & KB5005566 cumulative updates.

     Microsoft fixes Windows MSHTML zero-day

     Microsoft has released a security update for the Windows MSHTML remote code execution vulnerability tracked as CVE-2021-40444.

     Last Tuesday, Microsoft disclosed a new zero-day Windows MSHTML remote code execution vulnerability that threat actors actively used in phishing attacks. These attacks distributed malicious Word documents that exploited CVE-2021-40444 to download and execute a malicious DLL file that installed a Cobalt Strike beacon on the victim's computer. This beacon allows a threat actor to gain remote access to the device to steal files and spread laterally throughout the network.

     Soon after Microsoft disclosed the vulnerability, threat actors and security researchers began sharing guides on exploiting the vulnerability, which allowed anyone to start using it in attacks, as demonstrated below.

     With the September 2021 Patch Tuesday updates, Microsoft has released a security update for this vulnerability. As researchers discovered numerous ways to exploit the bug, including a bypass to mitigations, it is not clear if the security update fixes all of the techniques.

     Two zero-days fixed, with one actively exploited

     September's Patch Tuesday includes fixes for two zero-day vulnerabilities, with the MSHTML bug actively exploited in the wild. Microsoft classifies a vulnerability as a zero-day if publicly disclosed or actively exploited with no official security updates released.

     The publicly disclosed, but not actively exploited, zero-day vulnerability is:

       • CVE-2021-36968 - Windows DNS Elevation of Privilege Vulnerability

     The only actively exploited vulnerability is the Windows MSHTML remote code execution vulnerability, as previously discussed:

       • CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability

     Recent updates from other companies

     Other vendors who released updates in July include:

       • Adobe released security updates for two products.
       • Android's September security updates were released last week.
       • Apple released security updates for iOS and macOS yesterday that fix two zero-day vulnerabilities exploited in the wild. One of the vulnerabilities was used to install the NSO Pegasus spyware on activists' devices.
       • Cisco released security updates for numerous products this month.
       • SAP released its September 2021 security updates.

     The September 2021 Patch Tuesday Security Updates

     Below is the complete list of resolved vulnerabilities and released advisories in the September 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

     | Tag | CVE ID | CVE Title | Severity |
     |---|---|---|---|
     | Azure Open Management Infrastructure | CVE-2021-38648 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important |
     | Azure Open Management Infrastructure | CVE-2021-38645 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important |
     | Azure Open Management Infrastructure | CVE-2021-38647 | Open Management Infrastructure Remote Code Execution Vulnerability | Critical |
     | Azure Open Management Infrastructure | CVE-2021-38649 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important |
     | Azure Sphere | CVE-2021-36956 | Azure Sphere Information Disclosure Vulnerability | Important |
     | Dynamics Business Central Control | CVE-2021-40440 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | Important |
     | Microsoft Accessibility Insights for Android | CVE-2021-40448 | Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | Important |
     | Microsoft Edge (Chromium-based) | CVE-2021-30606 | Chromium: CVE-2021-30606 Use after free in Blink | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30609 | Chromium: CVE-2021-30609 Use after free in Sign-In | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30608 | Chromium: CVE-2021-30608 Use after free in Web Share | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30607 | Chromium: CVE-2021-30607 Use after free in Permissions | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-38641 | Microsoft Edge for Android Spoofing Vulnerability | Important |
     | Microsoft Edge (Chromium-based) | CVE-2021-38642 | Microsoft Edge for iOS Spoofing Vulnerability | Important |
     | Microsoft Edge (Chromium-based) | CVE-2021-38669 | Microsoft Edge (Chromium-based) Tampering Vulnerability | Important |
     | Microsoft Edge (Chromium-based) | CVE-2021-36930 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
     | Microsoft Edge (Chromium-based) | CVE-2021-30632 | Chromium: CVE-2021-30632 Out of bounds write in V8 | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30610 | Chromium: CVE-2021-30610 Use after free in Extensions API | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30620 | Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30619 | Chromium: CVE-2021-30619 UI Spoofing in Autofill | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30618 | Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30621 | Chromium: CVE-2021-30621 UI Spoofing in Autofill | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30624 | Chromium: CVE-2021-30624 Use after free in Autofill | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30623 | Chromium: CVE-2021-30623 Use after free in Bookmarks | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30622 | Chromium: CVE-2021-30622 Use after free in WebApp Installs | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30613 | Chromium: CVE-2021-30613 Use after free in Base internals | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30612 | Chromium: CVE-2021-30612 Use after free in WebRTC | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30611 | Chromium: CVE-2021-30611 Use after free in WebRTC | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30614 | Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30617 | Chromium: CVE-2021-30617 Policy bypass in Blink | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30616 | Chromium: CVE-2021-30616 Use after free in Media | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-30615 | Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | Unknown |
     | Microsoft Edge (Chromium-based) | CVE-2021-26436 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
     | Microsoft Edge for Android | CVE-2021-26439 | Microsoft Edge for Android Information Disclosure Vulnerability | Moderate |
     | Microsoft MPEG-2 Video Extension | CVE-2021-38644 | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | Important |
     | Microsoft Office | CVE-2021-38657 | Microsoft Office Graphics Component Information Disclosure Vulnerability | Important |
     | Microsoft Office | CVE-2021-38658 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
     | Microsoft Office | CVE-2021-38650 | Microsoft Office Spoofing Vulnerability | Important |
     | Microsoft Office | CVE-2021-38659 | Microsoft Office Remote Code Execution Vulnerability | Important |
     | Microsoft Office Access | CVE-2021-38646 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important |
     | Microsoft Office Excel | CVE-2021-38655 | Microsoft Excel Remote Code Execution Vulnerability | Important |
     | Microsoft Office Excel | CVE-2021-38660 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
     | Microsoft Office SharePoint | CVE-2021-38651 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
     | Microsoft Office SharePoint | CVE-2021-38652 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
     | Microsoft Office Visio | CVE-2021-38654 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
     | Microsoft Office Visio | CVE-2021-38653 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
     | Microsoft Office Word | CVE-2021-38656 | Microsoft Word Remote Code Execution Vulnerability | Important |
     | Microsoft Windows Codecs Library | CVE-2021-38661 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
     | Microsoft Windows DNS | CVE-2021-36968 | Windows DNS Elevation of Privilege Vulnerability | Important |
     | Visual Studio | CVE-2021-36952 | Visual Studio Remote Code Execution Vulnerability | Important |
     | Visual Studio | CVE-2021-26434 | Visual Studio Elevation of Privilege Vulnerability | Important |
     | Visual Studio | CVE-2021-26437 | Visual Studio Code Spoofing Vulnerability | Important |
     | Windows Ancillary Function Driver for WinSock | CVE-2021-38628 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
     | Windows Ancillary Function Driver for WinSock | CVE-2021-38638 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
     | Windows Authenticode | CVE-2021-36959 | Windows Authenticode Spoofing Vulnerability | Important |
     | Windows Bind Filter Driver | CVE-2021-36954 | Windows Bind Filter Driver Elevation of Privilege Vulnerability | Important |
     | Windows BitLocker | CVE-2021-38632 | BitLocker Security Feature Bypass Vulnerability | Important |
     | Windows Common Log File System Driver | CVE-2021-38633 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
     | Windows Common Log File System Driver | CVE-2021-36963 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
     | Windows Common Log File System Driver | CVE-2021-36955 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
     | Windows Event Tracing | CVE-2021-36964 | Windows Event Tracing Elevation of Privilege Vulnerability | Important |
     | Windows Event Tracing | CVE-2021-38630 | Windows Event Tracing Elevation of Privilege Vulnerability | Important |
     | Windows Installer | CVE-2021-36962 | Windows Installer Information Disclosure Vulnerability | Important |
     | Windows Installer | CVE-2021-36961 | Windows Installer Denial of Service Vulnerability | Important |
     | Windows Kernel | CVE-2021-38626 | Windows Kernel Elevation of Privilege Vulnerability | Important |
     | Windows Kernel | CVE-2021-38625 | Windows Kernel Elevation of Privilege Vulnerability | Important |
     | Windows Key Storage Provider | CVE-2021-38624 | Windows Key Storage Provider Security Feature Bypass Vulnerability | Important |
     | Windows MSHTML Platform | CVE-2021-40444 | Microsoft MSHTML Remote Code Execution Vulnerability | Important |
     | Windows Print Spooler Components | CVE-2021-38667 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
     | Windows Print Spooler Components | CVE-2021-38671 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
     | Windows Print Spooler Components | CVE-2021-40447 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
     | Windows Redirected Drive Buffering | CVE-2021-36969 | Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | Important |
     | Windows Redirected Drive Buffering | CVE-2021-38635 | Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | Important |
     | Windows Redirected Drive Buffering | CVE-2021-36973 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | Important |
     | Windows Redirected Drive Buffering | CVE-2021-38636 | Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | Important |
     | Windows Scripting | CVE-2021-26435 | Windows Scripting Engine Memory Corruption Vulnerability | Critical |
     | Windows SMB | CVE-2021-36960 | Windows SMB Information Disclosure Vulnerability | Important |
     | Windows SMB | CVE-2021-36972 | Windows SMB Information Disclosure Vulnerability | Important |
     | Windows SMB | CVE-2021-36974 | Windows SMB Elevation of Privilege Vulnerability | Important |
     | Windows Storage | CVE-2021-38637 | Windows Storage Information Disclosure Vulnerability | Important |
     | Windows Subsystem for Linux | CVE-2021-36966 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important |
     | Windows TDX.sys | CVE-2021-38629 | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | Important |
     | Windows Update | CVE-2021-38634 | Microsoft Windows Update Client Elevation of Privilege Vulnerability | Important |
     | Windows Win32K | CVE-2021-38639 | Win32k Elevation of Privilege Vulnerability | Important |
     | Windows Win32K | CVE-2021-36975 | Win32k Elevation of Privilege Vulnerability | Important |
     | Windows WLAN Auto Config Service | CVE-2021-36965 | Windows WLAN AutoConfig Service Remote Code Execution Vulnerability | Critical |
     | Windows WLAN Service | CVE-2021-36967 | Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | Important |

     Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws
  3. 0days, a failed patch, and a backdoor threat. Update Tuesday highlights

     A few of the more notable updates in this month's patch batch from Microsoft.

     Microsoft on Tuesday patched 120 vulnerabilities, two that are notable because they’re under active attack and a third because it fixes a previous patch for a security flaw that allowed attackers to gain a backdoor that persisted even after a machine was updated.

     Zero-day vulnerabilities get their name because an affected developer has zero days to release a patch before the security flaw is under attack. Zero-day exploits can be among the most effective because they usually go undetected by antivirus, intrusion prevention systems, and other security protections. These types of attacks usually indicate a threat actor of above-average means because of the work and skill required to identify the unknown vulnerability and develop a reliable exploit. Adding to the difficulty: the exploits must bypass defenses developers have spent considerable resources implementing.

     A hacker's dream: Bypassing code-signing checks

     The first zero-day is present in all supported versions of Windows, including Windows 10 and Server 2019, which security professionals consider two of the world’s most secure operating systems. CVE-2020-1464 is what Microsoft is calling a Windows Authenticode Signature Spoofing Vulnerability. Hackers who exploit it can sneak their malware onto targeted systems by bypassing a malware defense that uses digital signatures to certify that software is trustworthy.

     Authenticode is Microsoft’s in-house code-signing technology for ensuring that an app or driver comes from a known and trusted source and hasn’t been tampered with by anyone else. Because they modify the OS kernel, drivers can be installed on Windows 10 and Server 2019 only when they bear one of these cryptographic signatures. On earlier Windows versions, digital signatures still play an important role in helping AV and other protections to detect malicious wares.

     The typical route for attackers to bypass this protection is to sign their malware with a valid certificate stolen from a legitimate provider. The investigation into Stuxnet, the worm that’s widely believed to have targeted Iran’s nuclear program a decade ago, was one of the first times researchers had discovered the tactic being used.

     Since then, however, researchers have found the practice dates back to at least 2003 and is much more widespread than previously thought. Stolen certificates continue to be a regular occurrence with one of the more recent incidents using a certificate stolen in 2018 from Nfinity Games to sign malware that infected several Massively Multiplayer Online game makers earlier this year.

     CVE-2020-1464 made it possible for hackers to achieve the same bypass without the hassle of stealing a valid certificate or worrying it might be revoked. The host of Windows versions affected suggests that the vulnerability has existed for years. Microsoft provided no details about the cause of the vulnerability, how it’s exploited, by whom, or who the targets are.

     Microsoft typically credits the researchers who reported flaws it fixes, but Microsoft’s acknowledgment page for this month’s Update Tuesday makes no mention at all of CVE-2020-1464. A Microsoft representative said the discovery was made internally through research done at Microsoft.

     IE: As old as it is insecure

     The other zero-day under attack can install malware of an attacker's choice when targets view malicious content with Internet Explorer, an ancient browser with an outdated code base that’s vulnerable to all kinds of exploits.

     According to security firm Sophos, CVE-2020-1380 stems from a use-after-free class of bug that allows attackers to load malicious code into a memory location that has been freed up once its previous contents are no longer in use. The vulnerability resides in the just-in-time compiler of IE’s JavaScript engine.

     One way attackers can exploit the flaw is by planting booby-trapped code on a website the target visits. Another method is to embed a malicious ActiveX control in an application or Microsoft Office document that uses the IE rendering engine. Despite being harmful, Windows will show that the ActiveX control is “safe for initialization.”

     There’s no doubt that the in-the-wild exploits are alarming to the people or organizations under attack. But all in all, CVE-2020-1380 is less concerning to the Internet as a whole because of the small base of users threatened. With the rise of advanced protections in Chrome, Firefox, and Edge, IE has gone from a browser with near-monopoly usage to one with less than 6% market share. Anyone still using it should give it up for something with better defenses.

     A “leet” bug with an elusive fix

     The third fix released on Tuesday is CVE-2020-1337. Its number, 1337, which hackers often use to spell “leet,” as in “elite,” is one noteworthy trait. The more important distinction is that it’s a patch for CVE-2020-1048, an update that Microsoft released in May. The May patch was supposed to fix a privilege escalation vulnerability in the Windows Print Spooler, a service that manages the printing process, including locating printer drivers and loading them and scheduling print jobs.

     In short, the flaw made it possible for an attacker with the ability to execute low-privileged code to establish a backdoor on vulnerable computers. The attacker could return any time after that to escalate access to all-powerful System rights. The vulnerability was the result of the print spooler allowing an attacker to write arbitrary data to any file on a computer with system privileges. That made it possible to drop a malicious DLL and get it executed by a process running with system privileges.

     A detailed technical description of this flaw is provided in this post from researchers Yarden Shafir & Alex Ionescu. They note that the print spooler has received little attention from researchers despite being some of the oldest code still running in Windows.

     Less than two weeks after Microsoft issued the patch, a researcher with the handle math1as submitted a report to the bug bounty service Zero Day Initiative that showed the update failed to fix the vulnerability. The discovery required Microsoft to develop a new patch. The result is the one that was released on Tuesday. ZDI has a full breakdown of the failed patch here.

     In all, this month’s Update Tuesday patched almost three-dozen vulnerabilities rated critical and many more with lower ratings. Within a day or so of release, Windows automatically downloads patches and installs them at times when the computer isn’t in use.

     For most people, this automatic update system is fine, but if you’re like me and want to install them right away, that’s easy, too. On Windows 10, go to Start > Settings > Update & Security > Windows Update, and click Check for Updates. On Windows 7, go to Start > Control Panel > System and Security > Windows Update and click Check for Updates. A reboot will be required.

     0days, a failed patch, and a backdoor threat. Update Tuesday highlights