#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

patch Tuesday | Breaking Cybersecurity News | The Hacker News

Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days

Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
May 15, 2024 Patch Tuesday / Vulnerability
Microsoft has addressed a total of  61 new security flaws  in its software as part of its Patch Tuesday updates for May 2024, including two zero-days which have been actively exploited in the wild. Of the 61 flaws, one is rated Critical, 59 are rated Important, and one is rated Moderate in severity. This is in addition to  30 vulnerabilities  resolved in the Chromium-based Edge browser over the past month, including two recently disclosed zero-days ( CVE-2024-4671  and  CVE-2024-4761 ) that have been tagged as exploited in attacks. The two security shortcomings that have been weaponized in the wild are below - CVE-2024-30040  (CVSS score: 8.8) - Windows MSHTML Platform Security Feature Bypass Vulnerability CVE-2024-30051  (CVSS score: 7.8) - Windows Desktop Window Manager ( DWM ) Core Library Elevation of Privilege Vulnerability "An unauthenticated attacker who successfully exploited this vulnerability could gain code execution through convincing a user to open a malicious

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability
Mar 27, 2024 Threat Intelligence / Network Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  a security flaw impacting Microsoft Sharepoint Server to its Known Exploited Vulnerabilities ( KEV ) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site Owner privileges to execute arbitrary code. "In a network-based attack, an authenticated attacker as a Site Owner could execute code remotely on the SharePoint Server," Microsoft  said  in an advisory. The flaw was addressed by Microsoft as part of its  Patch Tuesday updates  for May 2023. The development comes more than two months after CISA  added  CVE-2023-29357, a privilege escalation flaw in SharePoint Server, to its KEV catalog. It's worth pointing out that an exploit chain combining CVE-2023-29357 and CVE-2023-24955 was demonstrated by StarLabs SG at the Pwn2Own Vancouver h

DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack

DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack
Mar 14, 2024 Malware / Cyber Attack
A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. "During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass CVE-2024-21412 that led to malicious Microsoft (.MSI) installers," Trend Micro  said . CVE-2024-21412 (CVSS score: 8.1) concerns an internet shortcut files security feature bypass vulnerability that permits an unauthenticated attacker to circumvent SmartScreen protections by tricking a victim into clicking on a specially crafted file. It was  fixed  by Microsoft as part of its Patch Tuesday updates for February 2024, but not before it was weaponized by a threat actor called  Water Hydra  (aka DarkCasino) to deliver the DarkMe malware in attacks targeting financial institutions. The latest finding

Demonstrate Responsible AI: Get the ISO 42001 Compliance Checklist from Vanta

cyber security
websiteVantaCompliance / Security Audit
ISO 42001 helps organizations demonstrate trustworthy AI practices in accordance with global standards. With Vanta, completing the requirements for ISO 42001 compliance can be done in a fraction of the time. Download the checklist to get started.

Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks

Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks
May 20, 2024Software Security / Vulnerability
All developers want to create secure and dependable software. They should feel proud to release their code with the full confidence they did not introduce any weaknesses or anti-patterns into their applications. Unfortunately, developers are not writing their own code for the most part these days. 96% of all software contains some open-source components, and open-source components make up between  70% and 90% of any given piece of modern software . Unfortunately for our security-minded developers, most modern vulnerabilities come from those software components.  As new vulnerabilities emerge and are publicly reported as  Common Vulnerabilities and Exposures  (CVEs), security teams have little choice but to ask the developer to refactor the code to include different versions of the dependencies. Nobody is happy in this situation, as it blocks new features and can be maddening to roll back component versions and hope that nothing breaks. Developers need a way to  quickly  determine if

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
Mar 13, 2024 Patch Tuesday / Software Update
Microsoft on Tuesday released its monthly security update,  addressing 61 different security flaws  spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is rated Low in severity. None of the flaws are listed as publicly known or under active attack at the time of the release, but six of them have been tagged with an "Exploitation More Likely" assessment. The fixes are in addition to  17 security flaws  that have been patched in the company's Chromium-based Edge browser since the release of the  February 2024 Patch Tuesday updates . Topping the list of critical shortcomings are  CVE-2024-21407  and  CVE-2024-21408 , which affect Hyper-V and could result in remote code execution and a DoS condition, respectively. Microsoft's update also addresses privilege escalation flaws in the Azure Kub

Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation

Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
Feb 15, 2024 Threat Intelligence / Vulnerability
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its  Patch Tuesday updates . Tracked as  CVE-2024-21410  (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server. "An attacker could target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability," the company  said  in an advisory published this week. "The leaked credentials can then be relayed against the Exchange server to gain privileges as the victim client and to perform operations on the Exchange server on the victim's behalf." Successful exploitation of the flaw could permit an attacker to relay a user's leaked Net-NTLMv2 hash against a susceptible Exchange Server and authenticate as the user, Redmond added. The tech giant, in an update to its bulletin, revised

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Feb 14, 2024 Patch Tuesday / Vulnerability
Microsoft has released patches to address  73 security flaws  spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to  24 flaws  that have been fixed in the Chromium-based Edge browser since the release of the January 2024 Patch Tuesday updates . The two flaws that are listed as under active attack at the time of release are below - CVE-2024-21351  (CVSS score: 7.6) - Windows SmartScreen Security Feature Bypass Vulnerability CVE-2024-21412  (CVSS score: 8.1) - Internet Shortcut Files Security Feature Bypass Vulnerability "The vulnerability allows a malicious actor to inject code into  SmartScreen  and potentially gain code execution, which could potentially lead to some data exposure, lack of system availability, or both," Microsoft said a

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
Jan 12, 2024 Cyber Attack / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. The issue, tracked as  CVE-2023-29357  (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain administrator privileges. Microsoft  released patches  for the bug as part of its June 2023 Patch Tuesday updates. "An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user," Redmond said. "The attacker needs no privileges nor does the user need to perform any action." Security researcher Nguyễn Tiến Giang (Jang) of StarLabs SG  demonstrated an exploit  for the flaw at the Pwn2Own Vancouver hacking contest last year, earning a $100,000 prize. The  pr

Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities

Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities
Jan 10, 2024 Vulnerability / Windows Security
Microsoft has addressed a total of  48 security flaws  spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days. The fixes are in addition to  nine security vulnerabilities  that have been resolved in the Chromium-based Edge browser since the release of  December 2023 Patch Tuesday  updates. This also includes a fix for a zero-day ( CVE-2023-7024 , CVSS score: 8.8) that Google said has been actively exploited in the wild. The most critical among the flaws patched this month are as follows - CVE-2024-20674  (CVSS score: 9.0) - Windows Kerberos Security Feature Bypass Vulnerability CVE-2024-20700  (CVSS score: 7.5) - Windows Hyper-V Remote Code Execution Vulnerability "The authentication feature could be bypas

Microsoft's Final 2023 Patch Tuesday: 34 Flaws Fixed, Including 4 Critical

Microsoft's Final 2023 Patch Tuesday: 34 Flaws Fixed, Including 4 Critical
Dec 13, 2023 Patch Tuesday / Windows Security
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 34 flaws in its software, making it one of the lightest releases in recent years. Of the 34 shortcomings, four are rated Critical and 30 are rated Important in severity. The fixes are in addition to  18 flaws  Microsoft addressed in its Chromium-based Edge browser since the release of  Patch Tuesday updates for November 2023 . According to data from the  Zero Day Initiative , the software giant has patched more than 900 flaws this year, making it one of the busiest years for Microsoft patches. For comparison, Redmond resolved 917 CVEs in 2022. While none of the vulnerabilities are listed as publicly known or under active attack at the time of release, some of the notable ones are listed below - CVE-2023-35628  (CVSS score: 8.1) - Windows MSHTML Platform Remote Code Execution Vulnerability CVE-2023-35630  (CVSS score: 8.8) - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability CVE-2

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
Nov 15, 2023 Patch Tuesday / Zero-Day
Microsoft has released fixes to address  63 security bugs  in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release. The updates are in addition to  more than 35 security shortcomings  addressed in its Chromium-based Edge browser since the release of Patch Tuesday updates for October 2023. The five zero-days that are of note are as follows - CVE-2023-36025  (CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability CVE-2023-36033  (CVSS score: 7.8) - Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36036  (CVSS score: 7.8) - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability CVE-2023-36038  (CVSS score: 8.2) - ASP.NET Core Denial of Service Vulnerability CV
Expert Insights
Cybersecurity Resources