News

Microsoft has fixed a 0-day and 50+ other bugs in its products

Photo of Daniel Zimmermann Daniel ZimmermannFebruary 10, 2021
0 69 1 minute read

As part of the February “Patch Tuesday” Microsoft has fixed a 0-day and 56 other bugs in its products, and also warned of three dangerous vulnerabilities in the Windows TCP/IP stack.

Among the bugs fixed was one zero-day vulnerability (identified as CVE-2021-1732), which was already under attack. The issue has been classified as privilege escalation in Win32k.

According to a report by Chinese company DBAPPSecurity, this 0-day was used by Bitter, which has a long track record of attacks targeting organizations and users in Pakistan and China. Experts note that the attackers used the exploit “with caution” and remained unnoticed for almost seven months.

According to the researchers, the exploit for CVE-2021-1732 was compiled back in May 2020 and was developed for 64-bit Windows 10 1909, although subsequent tests showed that the vulnerability poses a threat to 64-bit Windows 10 20H2.

Let me remind you that we also talked about the fact that Microsoft fixed 17-year-old critical vulnerability in Windows DNS Server.

Also, this “update Tuesday” contains a number of fixes for vulnerabilities, information about which has already been published, but they were not used by hackers. Among them:

  • CVE-2021-1721 – .NET Core and Visual Studio Denial of Service Vulnerability.
  • CVE-2021-1733 – Sysinternals PsExec privilege escalation vulnerability.
  • CVE-2021-26701 – .NET Core remote code execution vulnerability.
  • CVE-2021-1727 — Windows Installer privilege escalation vulnerability;
  • CVE-2021-24098 — Windows Console Drive Denial of Service Vulnerability.
  • CVE-2021-24106 – Windows DirectX Information Disclosure Vulnerability.

In addition, Microsoft has released patches for three critical vulnerabilities in the Windows TCP/IP stack and is now urging everyone to install the patches as soon as possible.

Two of the three vulnerabilities (CVE-2021-24074 and CVE-2021-24094) can be used to remotely execute arbitrary code. That is, with their help, attackers can remotely hijack Windows systems. The third and final error (CVE-2021-24086) can trigger a Denial of Service (DoS).

“Both RCE vulnerabilities are complex, making it difficult to create functional exploits. Therefore, they are unlikely to be used in the nearest future. We believe that attackers will be able to create DoS exploits much faster, and we expect that all three problems can be exploited for DoS attacks very soon”, – Microsoft analysts write.

As we said earlier, Microsoft presented resistant to attacks Pluton processor.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Tags
Photo of Daniel Zimmermann Daniel ZimmermannFebruary 10, 2021
0 69 1 minute read
Photo of Daniel Zimmermann

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

AlphaBay darknet market

The AlphaBay darknet market, closed in 2017, is back online

August 13, 2021
bluekeep

BlueKeep still can attack about one million of computers

May 28, 2019
AhMyth entered Google Play

Open Source Android Spyware AhMyth Enters Google Play Store

August 23, 2019

Facebook will introduce Clear History tool this spring

February 28, 2019

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2024, All Rights Reserved  | Adware.Guru;
Back to top button