Following in the footsteps of Chrome, Edge has received an update to fix a rather severe 0-day exploit too. This is because the issue affects all browsers based on Chromium, including Edge.
Google has rolled out security updates for Chrome across various channels to fix a handful of issues, including one 0-day exploit. Details of the problem are private for now but it has high severity.
This week's digest recaps a hefty amount of news related to Microsoft Edge, some about a Windows 11 Dev Channel build, and an exploit that affects virtually all supported versions of Windows.
Google has issued a warning about a sophisticated exploit kit being used to target news media, IT, crypto, and fintech personnel. The attackers were reportedly state-sponsored North Korean groups.
Microsoft has issued an advisory about an Active Directory privilege escalation attack. The vulnerabilities have already been patched but unpatched domain controllers are more at risk now than ever.
Thanks to an as-yet-undisclosed critical vulnerability in Chrome 96, confirmed to be actively exploited in the wild, Google is rolling out an update to Chrome 96, which y'all should update to.
Razer has confirmed that it is working on patching an easily exploitable security issue which allows a local attacker to gain admin privileges to your system using just a Razer mouse or a dongle.
Microsoft has released another patch for the critical PrintNightmare vulnerability. It makes major changes to the Point and Print functionality on Windows, and immediate installation is recommended.
Microsoft has confirmed that its update KB5004945 breaks Zebra printers, preventing them from working properly. The company will release a new patch within the next few days that will fix the problem.
Despite claims to the contrary, Microsoft says that its PrintNightmare patch works as intended. It states that security researchers who are calling it ineffective are using insecure configurations.
Security researchers are reporting that Microsoft's fix for the PrintNightmare vulnerability that rolled out to most Windows versions is ineffective, and can let attackers completely bypass it.
Microsoft has offered some further mitigations against the highly dangerous PrintNightmare exploit. The company has also given it a CVSS rating of 8.8/10, which puts it just short of "critical" severity.
An exploit called "PrintNightmare" is being investigated by Microsoft. It potentially affects all versions of Windows. U.S. CISA has marked it as "critical" as it can lead to remote code execution.
"Half-double" is a Rowhammer exploit which grants access to wider memory addresses on newer DRAM chips. Malicious code can potentially take control of the full system through this hardware bypass.
A security researcher has published code on GitHub that takes advantage of an exploit recently patched by Microsoft. The Redmond firm recommends users install the latest patches to avoid issues.
Microsoft has enabled Defender Antivirus to automatically mitigate a recent vulnerability in on-premises Exchange server instances. This acts only as a temporary workaround to break the attack chain.
The week brought us Ignite news, Exchange on-prem vulnerability news, and even some expected Insider build news. Make sure to catch up with everything that happened via our handy overview.
Microsoft has revealed that on-premises Exchange servers are under attack from a state-sponsored group operating from China and utilizing 0-day exploits. Exchange Online is safe from the threat.
Malicious actors, reportedly from North Korea, are targeting security researchers with social engineering attacks using fake social media accounts, exploit claims, and injected malware.
According to a report, dozens of journalists - mostly from Al Jazeera - had their iPhones hacked via an Israeli firm's spyware. Four attackers have been linked to the UAE and Saudi Arabia.
Google has updated the rules for its Chrome Vulnerability Rewards Program, offering bigger bounties and bonuses for security researchers who discover security exploits in Chrome's JavaScript engine.
Sony is issuing permanent bans to PlayStation 5 owners who are engaging in an exploitative technique of selling access to the PlayStation Plus Collection games available for free on their new console.
Google's Project Zero team has disclosed a zero-day vulnerability in Windows that enables elevated code execution and is currently being exploited. Microsoft is expected to patch the bug next month.
Twitter has revealed that hackers attempted to match phone numbers to Twitter usernames. It said the hack may have been state-backed, possibly being linked to Iran, Israel, or Malaysia.
A subset of users with sudo access could have run commands restricted to root users by leveraging a discovered exploit in a function return call that changes the user ID in Linux and Unix systems.
Microsoft has identified and patched two critical vulnerabilities in Windows Remote Desktop Services that affect Windows 7 through 10. The two Bluekeep-like vulnerabilities are also wormable.
CERT-Bund, the computer emergency response team of Germany, has identified a critical security flaw in the popular VLC Media Player that would allow remote code execution and more.
With today's highlighted deal, the gigantic 114-hour track (12 courses) to go from cybersecurity zero to systems security hero can be yours for just $3.25 per course. Save and profit via Neowin Deals!
A report claims that WhatsApp has been the target of a surveillance attack developed by Israel-based security firm NSO Group. WhatsApp has confirmed the vulnerability and is still investigating.
Google today revealed that a zero-day vulnerability in Windows 7 was being used in concert with an exploit in its Chrome browser to target users. The company is alerting users to update the browser.
Facebook has updated us on the situation regarding the View As attack that came to light a few weeks ago. Fewer users were affected than first thought, and those who were will be contacted soon.
Facebook has said that it is temporarily disabling the View As feature after it discovered an exploit in the feature which led to attacks against 50 million user accounts. It has notified all affected users.
Zerodium, an exploit vendor, has announced that it sold a Tor Browser vulnerability to governments around the world. Since the exploit was revealed, the vulnerability, caused by NoScript, has been patched.
An ambitious smartphone hack described by researchers would allow an attacker to accurately recreate what you're doing on the phone by taking into account how much battery power each action consumes.
A code execution vulnerability in Windows 10 allowed Cortana to be duped into running PowerShell scripts even while a device was locked by leveraging a combination of voice and context menu commands.
Researchers today warned that a critical flaw in OpenPGP and S/MIME encryption tools could leave your electronic communications at risk, allowing attackers to read encrypted emails in plaintext form.
While prior homebrew software efforts focused on firmware 3.0.0 for the Switch, a bootROM coding oversight within its embedded Tegra processor may blow the door wide open for all current models.
Microsoft has released an emergency Windows update for Windows 7 and Windows Server 2008 R2 systems to fix a serious memory bug that was introduced after a bungled Meltdown patch in January.
It appears that Control Flow Guard (CFG) in Windows 8.1 and 10 can be bypassed, effectively putting 500 million computers at risk. Microsoft is investigating the issue and should have a fix soon.
Having initially rolled out a buggy Spectre patch, Intel has now released an updated patch for Skylake CPUs. The updates will be made available through OEM updates so make sure to update soon.