by CIRT Team
PrintNightmare(CVE-2021-34527): Microsoft Releases Out-of-Band Security Updates
Microsoft has released the KB5004945 emergency security update to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch is incomplete and the vulnerability can still be locally exploited to gain SYSTEM privileges. The remote code execution bug (tracked as CVE-2021-34527) allows attackers to take over affected servers via remote code execution (RCE) with SYSTEM...
Read More
by CIRT Team
CVE-2021-3560 – Polkit – Local Privilege Escalation
Description:It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user.This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to dataconfidentiality and integrity as well as system availability. Impact:The vulnerability enables an unprivileged local...
Read More
by CIRT Team
CVE-2021-34527: PrintNightmare- Critical Windows Print Spooler Remote Code Execution Vulnerability
Description:A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change or delete data;or create new accounts with full user rights.An attack must involve an authenticated user calling RpcAddPrinterDriverEx(). Impact:This remote code execution (RCE) CVE-2021-34527 impacts all versions...
Read More
by CIRT Team
Multiple Vulnerabilities in Apple iOS Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple iOS that couldallow for arbitrary code execution. iOS is a mobile operating system formobile devices, including the iPhone, iPad, and iPod touch. Successfulexploitation of these vulnerabilities could result in arbitrary codeexecution within the context of the application, an attacker gaining thesame privileges as the logged-on user, or the bypassing of securityrestrictions. Depending on the permission associated with theapplication...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
by CIRT Team
TITLE: Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Connect is a suite of software for remote training, web conferencing,presentation, and desktop sharing.* Acrobat and Reader is a family of application software and Webservices mainly used to create, view, and edit PDF documents.* Experience Manager is a content management solution for buildingwebsites, mobile apps, and...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
by CIRT Team
UPDATED – Critical Patches Issued for Microsoft Products, June 8, 2021
DESCRIPTION:There are six zero-day vulnerabilities that Microsoft has tracked asbeing actively exploited which include CVE-2021-33742, CVE-2021-33739,CVE-2021-31199, CVE-2021-31201, CVE-2021-31955 and CVE-2021-31956. IMPACT:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution. A full list of all vulnerabilities can be found at the link below:https://msrc.microsoft.com/update-guide/en-us Successful exploitation of the most severe of these vulnerabilitiescould result in an attacker gaining...
Read More
