Found 18 bookmarks
Newest
Patch Tuesday - February 2024
Patch Tuesday - February 2024
Microsoft is addressing 73 vulnerabilities this February 2024 Patch Tuesday, including two (actually, three!) zero-day/exploited-in-the-wild vulnerabilities, both of which are already included on the CISA KEV list. Today also brings patches for two critical remote code execution (RCE) vulnerabilities, and a critical elevation of privilege vulnerability in Exchange. Six browser vulnerabilities were published separately this month, and are not included in the total.
#rapid7#EN#2024#PatchTuesday#february-2024#CVE-2024-21351#CVE-2024-21412#CVE-2024-21413
·rapid7.com·
Patch Tuesday - February 2024
Microsoft May 2023 Patch Tuesday
Microsoft May 2023 Patch Tuesday
This month we got patches for 49 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft. One of the exploited vulnerabilities is a Win32k Elevation of Privilege Vulnerability (CVE-2023-29336). This vulnerability has low attack complexity, low privilege, and none user interaction. The attack vector is local, the CVSS is 7.8, and the severity is Important.
#sansedu#EN#2023#May2023#vulnerabilities#PatchTuesday
·isc.sans.edu·
Microsoft May 2023 Patch Tuesday
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Check Point Research recently discovered three vulnerabilities in the “Microsoft Message Queuing” service, commonly known as MSMQ. These vulnerabilities were disclosed to Microsoft and patched in the April Patch Tuesday update. The most severe of these, dubbed QueueJumper by CPR (CVE-2023-21554), is a critical vulnerability that could allow unauthorized attackers to remotely execute arbitrary code in the context of the Windows service process mqsvc.exe.
#checkpoint#EN#2023#analysis#RCE#Queuejumper#CVE-2023-21554#MSMQ#Service#Critical#PatchTuesday
·research.checkpoint.com·
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Check Point Research recently discovered three vulnerabilities in the “Microsoft Message Queuing” service, commonly known as MSMQ. These vulnerabilities were disclosed to Microsoft and patched in the April Patch Tuesday update. The most severe of these, dubbed QueueJumper by CPR (CVE-2023-21554), is a critical vulnerability that could allow unauthorized attackers to remotely execute arbitrary code in the context of the Windows service process mqsvc.exe.
#checkpoint#EN#2023#analysis#RCE#Queuejumper#CVE-2023-21554#MSMQ#Service#Critical#PatchTuesday
·research.checkpoint.com·
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Patch Tuesday - Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours
Patch Tuesday - Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours
Dive into the analysis and exploitation of a vulnerability in the Windows Ancillary Function Driver for Winsock for Local Privilege Escalation on Windows 11. More from X-Force Red experts.
#securityintelligence#EN#2023#PatchTuesday#LPE#Windows#afd.sys#CVE-2023-21768#exploit#analysis#reverseengineering
·securityintelligence.com·
Patch Tuesday - Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours
Patch Tuesday - Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours
Patch Tuesday - Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours
Dive into the analysis and exploitation of a vulnerability in the Windows Ancillary Function Driver for Winsock for Local Privilege Escalation on Windows 11. More from X-Force Red experts.
#securityintelligence#EN#2023#PatchTuesday#LPE#Windows#afd.sys#CVE-2023-21768#exploit#analysis#reverseengineering
·securityintelligence.com·
Patch Tuesday - Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours