Massive Brute Force Attack Targeting Networking Devices
A large-scale brute force attack is underway, using nearly 2.8 million IP addresses daily to target networking devices from Palo Alto Networks, Ivanti, and SonicWall….
Microsoft Patch Tuesday Fixes Nine Critical Vulnerabilities
Microsoft’s November Patch Tuesday addresses 62 vulnerabilities, nine of which are critical. Six of the vulnerabilities are actively exploited zero-days, which includes two used in ProxyNotShell attacks (CVE-2022-41082 and CVE-2022-41040) affecting on-premise Microsoft Exchange Servers.
The other four actively exploited vulnerabilities include:
- CVE-2022-41091 – Windows Mark of the Web Security Feature Bypass Vulnerability allows for an attacker to craft a malicious file that would evade Mark of the Web defences. The hacker could use a malicious website or a specially crafted .url file to exploit the bypass. The vulnerability requires the user to take action, such as clicking on a link or malicious attachment within a phishing email.
- CVE-2022-41128 – Windows Scripting Languages Remote Code Execution Vulnerability impacts the Jscript9 scripting language. It allows for an attacker hosting a specially crafted server share or website to execute code remotely, providing they can convince a user to visit the server share or website, possibly through phishing emails or chat messages.
- CVE-2022-41073 – Windows Print Spooler Elevation of Privilege Vulnerability allows an attacker to gain system privileges if successfully exploited.
- CVE-2022-41125 – Windows CNG Key Isolation Service Elevation of Privilege Vulnerability also allows an attacker to gain system privileges if successfully exploited.
Microsoft is urging administrators to patch systems as soon as possible, as threat actors are actively exploiting several of these vulnerabilities.
Microsoft has published a security update guide for this month’s Patch Tuesday, which includes technical descriptions of all vulnerabilities fixed.
Related Links:
https://www.tenable.com/blog/microsofts-november-2022-patch-tuesday-addresses-62-cves-cve-2022-41073 -Published 8th November
https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov – Published 8th November
Related articles
Oasis Ticket Sales Scams: How to Stay Safe
During our weekly meetings with the banking industry and Police Scotland, we continue to see a significant increase in ticket scams over the last three…
Alert: Unpatched Microsoft Office Vulnerability Exposes NTLM Hashes
Microsoft has recently disclosed a significant security vulnerability affecting multiple versions of its Office suite, including Office 2016, Office 2019, Office LTSC 2021 and Microsoft…