windows Vulnerability | Breaking Cybersecurity News | The Hacker News

Unlike the initial reports suggested about Intel chips being vulnerable to some severe 'memory leaking' flaws, full technical details about the vulnerabilities have now been emerged, which revealed that almost every modern processor since 1995 is vulnerable to the issues. Disclosed today by Google Project Zero , the vulnerabilities potentially impact all major CPUs, including those from AMD, ARM, and Intel—threatening almost all PCs, laptops, tablets, and smartphones, regardless of manufacturer or operating system. These hardware vulnerabilities have been categorized into two attacks , named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could allow attackers to steal sensitive data which is currently processed on the computer. Both attacks take advantage of a feature in chips known as "speculative execution," a technique used by most modern CPUs to optimize performance. "In order to improve performance, many CPUs may choose t

As part of this month's Patch Tuesday , Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for enterprises released since 2007. Researchers at behavioral firewall specialist Preempt discovered two zero-day vulnerabilities in Windows NTLM security protocols, both of which allow attackers to create a new domain administrator account and get control of the entire domain. NT LAN Manager (NTLM) is an old authentication protocol used on networks that include systems running the Windows operating system and stand-alone systems. Although NTLM was replaced by Kerberos in Windows 2000 that adds greater security to systems on a network, NTLM is still supported by Microsoft and continues to be used widely. The first vulnerability involves unprotected Lightweight Directory Access Protocol (LDAP) from NTLM relay, and the second impact Remote Desktop Protocol (RDP) Restricted-Admin mode. L

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

A security researcher has just discovered a stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks. According to Kafeine, a security researcher at Proofpoint , another group of cyber criminals was using the same EternalBlue exploit , created by the NSA and dumped last month by the Shadow Brokers, to infect hundreds of thousands of computers worldwide with a cryptocurrency mining malware called ' Adylkuzz .' This malicious campaign went unnoticed for weeks because unlike WannaCry , this malware does not install ransomware or notify victims, but instead, it quietly infects unpatched computers with malware that only mine ' Monero ,' a Bitcoin-like cryptocurrency. This Malware Saves Computers From Getting Hacked By WannaCry The Researcher believes Adylkuzz malware attack could be larger in scale than WannaCry ransomware attack because it has been designed to blo

Update (Monday, May 08, 2017):  Microsoft has released an emergency security update to patch below-reported crazy bad remote code execution vulnerability in its Microsoft Malware Protection Engine (MMPE) that affects Windows 7, 8.1, RT and 10 computers, as well as Windows Server 2016 operating systems. Google Project Zero's security researchers have discovered another critical remote code execution (RCE) vulnerability in Microsoft's Windows operating system, claiming that it is something truly bad. Tavis Ormandy announced during the weekend that he and another Project Zero researcher Natalie Silvanovich discovered "the worst Windows remote code [execution vulnerability] in recent memory. This is crazy bad. Report on the way." Ormandy did not provide any further details of the Windows RCE bug, as Google gives a 90-day security disclosure deadline to all software vendors to patch their products and disclose it to the public. This means the details of the new RC

After last month's postponement, Microsoft's Patch Tuesday is back with a massive release of fixes that includes patches for security vulnerabilities in Windows and associated software disclosed and exploited since January's patch release. Meanwhile, Adobe has also pushed out security updates for its products, releasing patches for at least seven security vulnerabilities in its Flash Player software. Microsoft patched a total of 140 separate security vulnerabilities across 18 security bulletins, nine of them critical as they allow remote code execution on the affected computer. Microsoft Finally Patches Publicly Disclosed Windows Flaws Among the "critical" security updates include a flaw in the SMB (server message block) network file sharing protocol, which had publicly disclosed exploit code since last month. The original patch released last year for this flaw was incomplete. The flaw is a memory corruption issue that could allow remote code execu

Microsoft on Tuesday released security update (KB 4010250) to patch flaws in Adobe Flash Player for its customers using Internet Explorer on Windows 8.1 and later, as well as Edge for Windows 10, but two already disclosed flaws remain unpatched. Just last week, Microsoft announced that its February patches would be delayed until March due to a last minute issue, a move that led to Google publishing details of an unpatched Windows bug . However, the software giant emailed a handful of big business to alert them to the incoming patches on Monday, advising them to update their systems as soon as possible. The security patches are now available to all Windows customers over Windows Update, and " No other security updates are scheduled for release until the next scheduled monthly update release on March 14, 2017 ," Microsoft says. Bulletin MS17-005 for Adobe Flash Player addresses remote code execution (RCE) vulnerabilities for some currently supported Windows systems.

Microsoft is once again facing embarrassment for not patching a vulnerability on time. Yes, Google's Project Zero team has once again publicly disclosed a vulnerability  ( with POC exploit ) affecting Microsoft's Windows operating systems ranging from Windows Vista Service Pack 2 to the latest Windows 10 that had yet to be patched. A few months back, the search engine giant disclosed a critical Windows vulnerability to the public just ten days after revealing the flaw to Microsoft. However, this time Google revealed the vulnerability in Windows to the public after Microsoft failed to patch it within the 90-day window given by the company. Google's Project Zero member Mateusz Jurczyk responsibly reported a vulnerability in Windows' Graphics Device Interface (GDI) library to Microsoft Security Team on the 9th of June last year. The vulnerability affects any program that uses this library, and if exploited, could potentially allow hackers to steal informatio

Security researchers have discovered a nasty security vulnerability that is said to affect almost every version of Windows and Samba and will be patched on April 12, 2016, the Samba development team announced Tuesday. So, Save the Date if you are a Windows or Samba file server administrator. Samba is a free, open source implementation of the SMB/CIFS network file sharing protocol that runs on the majority of operating systems available today, including Windows, UNIX, Linux, IBM System 390, and OpenVMS. Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to communicate with the same networking protocol as the Windows products, thus enabling users to access network shared folders and files from Windows OS. Dubbed Badlock , the vulnerability has been discovered by Stefan Metzmacher, a developer of Samba Core Team. Details about the Badlock vulnerability will be disclosed on April 12, when the developers of Microsoft and Samba release security p

In the wake of a critical Remote Code Execution vulnerability in all supported versions of its operating system platform, Microsoft has just issued an emergency fix. Yes, it's time to patch your Windows operating system against an alarming security hole that could allow remote attackers to run malicious code on your computer, thereby taking " complete control of the affected system. " The critical flaw ( CVE-2015-2426 ), which affects all the supported versions of Windows operating system, resides in the way Windows Adobe Type Manager Library handles specially crafted Microsoft's OpenType fonts. Once exploited, the vulnerability could allow hackers to execute remotely malicious code on victims' computer if they open a specially crafted document or visit an untrusted web page that contains embedded OpenType fonts. " An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights ," Microsoft s

Security researchers have unearthed a serious security flaw in all supported versions of Windows that could let hackers steal users' credentials from computers, tablets or servers running any version of Windows operating system, including the as-yet-released Windows 10. This vulnerability in Windows was first discovered 20 Years ago : The critical bug, dubbed " Redirect to SMB ," is a variant of a vulnerability found in Windows by researcher Aaron Spangler nearly 18 years ago that caused Windows to expose a user's Windows username and password automatically. However, according to researchers at security firm Cylance who discovered the flaw, this weakness in Windows was never patched by Microsoft, as Microsoft says that this flaw is not worth focusing on, and, therefore... ...This results in a new hack that targets the SMB file sharing protocol . But, What is SMB? SMB, or Server Message Block, is a protocol that allows users to share files o

Recently discovered FREAK  vulnerability that apparently went undetected for more than a decade is reportedly affecting all supported versions of Microsoft Windows, making the flaw more creepy than what we thought. FREAK vulnerability is a disastrous SSL/TLS flaw disclosed Monday that allows an attacker to force SSL clients, including OpenSSL, to downgrade to weaken ciphers that can be easily broken and then supposedly conduct Man-in-the-Middle attacks on encrypted HTTPS-protected traffic passing between vulnerable end-users and Millions of websites. Read our previous post to know more about FREAK vulnerability . FREAK IN MICROSOFT RESIDES IN SECURE CHANNEL Microsoft issued an advisory published Thursday warning Windows users that Secure Channel ( Schannel ) stack — the Windows implementation of SSL/TLS — is vulnerable to the FREAK encryption-downgrade attack , though it said it has not received any reports of public attacks. When the security glitch first discove

Apple's operating system is considered to be the most secure operating system whether it's Mac OS X for desktop computers or iOS for iPhones. But believe it or not, they are the most vulnerable operating system of year 2014. MOST VULNERABLE OPERATING SYSTEM  Windows, which is often referred to as the most vulnerable operating system in the world and also an easy pie for hackers, is not even listed on the top three vulnerable OS. According to an analysis by the network and security solutions provider GFI, the top three most vulnerable operating system are: Apple's Mac OS X Apple iOS Linux kernel GFI analysis is based on the data from the US National Vulnerability Database (NVD ), which shows that in 2014, the top three most vulnerable operating systems took owner by the following number of vulnerabilities reported in their software: Mac OS X - Total 147 vulnerabilities were reported, 64 of which were rated as high-severity Apple's iOS - Total 127 vulnerabilities were reported,