Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for attackers. Over the years, these attackers have developed their expertise in exploiting various human qualities, sharpening their skills to manipulate biases and emotional triggers with the objective of

_Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for attackers. Over the years, these attackers have developed their expertise in exploiting various human qualities, sharpening their skills to manipulate biases and emotional triggers with the objective of influencing human behaviour to compromise security whether it be personal and organisational security._

**More than just a 'human factor'**

Understanding what defines our humanity, recognizing how our qualities can be perceived as vulnerabilities, and comprehending how our minds can be targeted provide the foundation for identifying and responding when we inevitably become the target.

The human mind is a complex landscape that evolved over years of exposure to the natural environment, interactions with others, and lessons drawn from past experiences.

As humans, our minds set us apart, marked by a multitude of traits and emotions, often too complicated to articulate precisely.

****Human behaviour is complex****

Some of our fundamental traits can be outlined as follows:

*   **Trust** – Humans place their trust in others, assuming inherent goodness.
*   **Empathy** – Humans exhibit care for others and their feelings.
*   **Ego** – Humans harbour a competitive spirit, aspiring to outshine their peers.
*   **Guilt** – Humans experience remorse for their actions, especially when they harm others.
*   **Greed** – Humans desire possessions and may succumb to impulsivity.
*   **Urgency** – Humans respond promptly to situations demanding immediate attention.
*   **Vulnerability** – Humans often grapple with fear and are candid about their emotions.

While this list is not exhaustive, it summarises common and understandable aspects that drive human behaviour. Human interactions hold essential value, instilling life with significance and advancing cultural norms. However, for attackers seeking to exploit us, the social construct of human-to-human interactions provides a pathway for manipulation.

Our naturally social nature forces us to revert to these traits. Emotions serve as a safety net for communication, problem-solving, and connections in our everyday life and we have come to trust our emotional responses to further guide and protect us in a variety of situations.

****I think, therefore I can be manipulated****

Attackers exploit this safety net (emotions and fundamental traits) when targeting humans, as it can be manipulated to fulfil their objectives. This safety net weakens even more when we venture into the "online" realm, as certain safeguards fail due to a lack of insight. The abstraction of communication through a name on screen often misleads our minds in interpreting situations in a way that our emotions cannot accurately navigate.

In the realm of manipulation, various models and methods have been employed over centuries to influence human behaviour. In today's context, attackers exploit these models to identify human vulnerabilities, characterised as weaknesses within the system that can be exploited.

In addition to directly manipulating fundamental traits through carefully targeted attacks, attackers tend to target humans through forms of influence and persuasion. These can be summarised as follows, and humans tend to operate mentally in these realms:

*   Reciprocation – Humans feel compelled to reciprocate what they have received.
*   Authority – Humans are inclined to comply with authoritative/known figures.
*   Scarcity – Humans desire items that are less attainable.
*   Commitment & Consistency – Humans favour routine and structure.
*   Liking – Humans form emotional connections.
*   Social Proof – Humans seek validation and fame.

These aspects can be viewed as potential vulnerabilities in the human mind when combined with emotions and fundamental traits. Attackers leverage these aspects to gain direct control over our actions, an occurrence now recognised as social engineering. Social engineering encompasses various techniques and tactics, yet at its core, it exploits one or more of the areas mentioned above through accurately crafted interactions.

****Formula for attack****

To describe the modus operandi for attackers targeting humans, we can formulate simple formulas.

A standard attacker formula will be as follows:

(Target) + (Vulnerability) + (Exploit) = Compromise

But when applied to the human it could be as follows:

(Human Mind) + (Emotional Trigger/Trait) + (Social Engineering Technique) = Intended Objective through Resultant Reaction

**_The attack chain is apparent by looking at how these formulas relate to triggers and techniques in combination with vulnerabilities._**

Exploitation techniques, often seen in digital channels like email, phone calls, or text messages, are frequently used for phishing. These tactics manipulate established interactions to achieve various objectives, such as deceiving individuals into parting with funds, opening malicious files, submitting credentials, or revealing sensitive data. The consequences of these attacks can vary from individual losses to organizational breaches.

****Defending ourselves****

To safeguard against these attacks against our minds, we should align our cognitive standards with emotional triggers by asking questions like; what is the purpose, expectation, and legitimacy of the interaction. These questions could prevent impulsive reactions and allow introspection.

Establishing a "stop and assess" mentality acts as a mental firewall, strengthened by vigilance, to enhance personal and organisational security. By considering potential attacks, we heighten our awareness of vulnerabilities and work on resilience. This awareness, coupled with a proactive approach, helps mitigate threats to our minds and humanity, promoting collaboration to disarm attackers and weaken their operations.

Stay vigilant, stay informed, and continue to question everything.

This is just one of the stories found in the Security Navigator. Other exciting research like a study of Hacktivism and an analysis of the surge in Cyber Extortion (as well as a ton of other interesting research topics) can be found there as well. It's free of charge, so have a look. It's worth it!

_**Note:** This article was expertly written by Ulrich Swart, Training Manager & Technical Team Leader at Orange Cyberdefense._

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'

A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.

CVE-2023-49225: 20231128 | Security Bulletins | Ruckus Wireless Support

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

CVE-2023-41913: Releases · strongswan/strongswan

An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.

Ghostscript is an interpreter for the PostScript®  language and PDF files. It is available under either the GNU GPL Affero license or  licensed for commercial use from Artifex Software, Inc. It has been under active development for over 30 years and has been ported to several different systems during this time. Ghostscript consists of a PostScript interpreter layer and a graphics library.

There are a family of other products, including GhostPCL, GhostPDF, and GhostXPS that are built upon the same graphics library. Between them, this family of products offers native rendering of all major page description languages. Our latest product, GhostPDL, pulls all these languages into a single executable.

Full descriptions of these products can be found on our documentation introduction.

In addition to rendering to raster formats, Ghostscript offers high-level conversion through our vector output devices.

Written entirely in C, Ghostscript runs on various embedded operating systems and platforms including Windows, macOS, the wide variety of Unix and Unix-like platforms, and VMS systems.

**Current Release**

The current Ghostscript release 10.02.1 can be downloaded here.

**NEW in this Release**

*   Old PDF Interpreter has now been removed - see https://ghostscript.com/blog/pdfi.html for more details
*   And more! Review the full release notes.

**The Ghostscript Blog**

Find news, articles and developer notes from the Ghostscript engineering team on the blog.

**Security Advisory**

*   *   November 1, 2023: Ghostscript/GhostPDL 10.02.1 release fixes CVE-2023-46751.
        
    *   CVE-2023-46751 affects _all_ Ghostscript/GhostPDL versions prior to 10.02.1.
        
    *   CVE-2023-46751 is a shell command injection/remote code execution risk, so we recommend upgrading to version 10.02.1 as a matter of urgency
        
    
    *   September 18, 2023: Ghostscript/GhostPDL 10.02.0 release fixes CVE-2023-43115.
        
    *   CVE-2023-43115 affects _all_ Ghostscript/GhostPDL versions prior to 10.02.0.
        
    *   CVE-2023-43115 is a remote code execution risk, so we recommend upgrading to version 10.02.0 as a matter of urgency
        
    
    *   June 27, 2023: Ghostscript/GhostPDL 10.01.2 release fixes CVE-2023-36664.
        
    *   CVE-2023-36664 affects _all_ Ghostscript/GhostPDL versions prior to 10.01.2.
        
*   April 3, 2023: Ghostscript/GhostPDL 10.01.1 release fixes CVE-2023-28879.
    
*   April 4, 2022: Ghostscript/GhostPDL 9.56.1 bundles zlib 1.2.12 which addresses CVE-2018-25032.
    
*   December 16, 2021: Apache Log4J vulnerability – GHOSTSCRIPT NOT AFFECTED – For more info: CVE-2021-44228
    

**Related projects**

*   Memento: A memory debugging library for C (or C++) programs.
*   jbig2dec: A JBIG2 image decoder.

CVE-2023-46751: Ghostscript

By Waqas
Kali Linux Unveils Feature Rich 2023.4 Release with Cloud ARM64, Vagrant Hyper-V, Raspberry Pi 5, and More!
This is a post from HackRead.com Read the original post: Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More!

Attention Kali Linux enthusiasts! Your holiday treat has arrived with the release of Kali Linux 2023.4, packed with a plethora of new features. Download now and elevate your Kali experience!

As 2023 draws to a close, **Kali Linux** enthusiasts are in for a treat with the latest release, Kali Linux 2023.4. Packed with innovative features and improvements, this update focuses on expanding platform support and refining existing capabilities.

****Cloud ARM64 Marketplaces Integration****

One standout feature is the addition of ARM64 support on Amazon AWS and Microsoft Azure marketplaces. This enhancement not only provides users with more flexibility in instance options but also promises an improved price-to-performance ratio. While Kali Linux has consistently prioritized ARM architecture, the team acknowledges ongoing efforts to ensure broader compatibility.

****Vagrant Hyper-V Support for Seamless Virtualization****

Kali Linux’s Vagrant offering receives a significant upgrade with added support for Hyper-V environments. Targeted at users familiar with Vagrant’s command-line interface, this feature allows for seamless management of virtual machines.

Users can customize their Kali environments by defining various parameters such as operating system, CPU, RAM, storage, networking, and additional scripts or commands for installation and configuration.

****Raspberry Pi 5 Compatibility****

Exciting news for Raspberry Pi enthusiasts as Kali Linux introduces dedicated support for the latest Raspberry Pi 5. Users can either download the pre-built image directly or automate the process using Raspberry Pi Imager. While the image is currently in a BETA state and limited to ARM64 architecture, the Kali team expresses optimism about additional flavours in the future.

****Embracing GNOME 45 for Enhanced User Experience****

Kali Linux now integrates with the latest GNOME 45, bringing aesthetic improvements and functionality enhancements. Users opting for GNOME as their desktop environment can enjoy features like full-height sidebars, faster search in the Nautilus file manager, and updated themes for various components. Despite some pending updates for Nautilus, the overall user experience is expected to be more refined.

****Revamped Internal Infrastructure with Mirrorbits****

Undergoing significant infrastructure changes, Kali Linux bids farewell to MirrorBrain and welcomes Mirrorbits as the new “mirror redirector.” This essential service, responsible for directing requests to the nearest mirror, has undergone a successful migration.

Leveraging modern technologies like Go and Redis, Mirrorbits proves to be a robust solution, initially developed by Ludovic Fauvet for the VLC media player. The transition, though not without challenges, reflects Kali’s commitment to improving user-facing services.

****Introduction of New Tools and Packages****

True to Kali tradition, the 2023.4 release introduces a host of new tools and updates to existing ones. Notable additions include:

*   **cabby:** TAXII client implementation
*   **h8mail:** Email OSINT and Password breach hunting tool
*   **ReconSpider:** Most Advanced Open Source Intelligence (OSINT) Framework
*   **SPIRE:** SPIFFE Runtime Environment for establishing trust between software systems

Additionally, various packages have been updated, and the Kali kernel has been bumped to version 6.5.0.

****Continued Kali NetHunter and ARM Updates****

The Kali NetHunter community remains active, showcasing impressive feats such as Doom running on Kali NetHunter TicWatch Pro 3 and speedy installations on Android 14. While ARM updates are relatively minimal, the inclusion of Raspberry Pi 5 support stands out as a significant addition.

As Kali Linux enthusiasts eagerly await the new release, the team encourages users to explore fresh images or update existing installations using the provided instructions. The live voice chat session with the Kali team on Discord offers an opportunity for direct interaction and Q&A.

To update your existing Kali Linux to Kali Linux 2023.4, use the following commands:

    ┌──(kali㉿kali)-[~]
    └─$ echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list
    [...]
    
    ┌──(kali㉿kali)-[~]
    └─$ sudo apt update && sudo apt -y full-upgrade
    [...]
    
    ┌──(kali㉿kali)-[~]
    └─$ cp -vrbi /etc/skel/. ~/
    [...]
    
    ┌──(kali㉿kali)-[~]
    └─$ [ -f /var/run/reboot-required ] && sudo reboot -f

Whether you’re a seasoned Kali user or exploring it for the first time, the 2023.4 release promises an enhanced experience with its diverse features and community-driven ethos.

To stay updated on the latest developments, bug fixes, and announcements, users are encouraged to engage with the Kali Linux community and actively contribute to its growth. For more information and to download Kali Linux 2023.4, visit the official **Kali Linux website**.

****_RELATED ARTICLES_****

1.  **What is an OSINT Tool – Best OSINT Tools 2023**
2.  **Download NSA’s reverse engineering tool GHIDRA**
3.  **Top 7 Most Popular and Best Cyber Forensics Tools**
4.  **AttackSurfaceMapper: New automated penetration testing tool**
5.  **Why Cybersecurity Business Needs a Real-Time Collaboration Tool**

Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More!

Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin.

Wednesday, December 6, 2023 13:33

Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin. 

Attackers could exploit these vulnerabilities in the Foxit PDF Reader to carry out a variety of malicious actions, but most notably could gain the ability to execute arbitrary code on the targeted machine. Foxit aims to have feature parity with Adobe Acrobat Reader, the most popular PDF-reading software currently on the market. The company offers paid versions of its software for a variety of users, including individuals and enterprises. There are also browser plugins of Foxit that run in a variety of web browsers, including Google Chrome and Mozilla Firefox. 

Talos’ Vulnerability Research team also found an integer overflow vulnerability in the GPSd daemon, which is triggered if an attacker sends a specially crafted packet, causing the daemon to crash. 

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.  

**Multiple vulnerabilities in Foxit PDF Reader **

_Discovered by Kamlapati Choubey._ 

Foxit PDF Reader contains multiple vulnerabilities that could lead to remote code execution if exploited correctly.  

TALOS-2023-1837 (CVE-2023-32616) and TALOS-2023-1839 (CVE-2023-38573) can be exploited if an attacker embeds malicious JavaScript into a PDF, and the targeted user opens that PDF in Foxit. These vulnerabilities can trigger the use of a previously freed object, which can lead to memory corruption and arbitrary code execution.  

TALOS-2023-1838 (CVE-2023-41257) works in the same way, but in this case, it is caused by a type confusion vulnerability.  

Three other vulnerabilities could allow an attacker to create arbitrary HTA files in the context application, and eventually gain the ability to execute arbitrary code on the targeted machine. TALOS-2023-1832 (CVE-2023-39542), TALOS-2023-1833 (CVE-2023-40194) and TALOS-2023-1834 (CVE-2023-35985) are all triggered if the targeted user opens a specially crafted file in the Foxit software or browser plugin. 

**GPSd NTRIP Stream Parsing access violation vulnerability **

_Discovered by Dimitrios Tatsis._ 

An integer overflow vulnerability exists in the NTRIP Stream Parsing functionality of GPS daemon, which is used to collect and display GPS information in other software. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger TALOS-2023-1860 (CVE-2023-43628). 

According to GPSd’s website, this service daemon powers the map service on Android mobile devices and is “ubiquitous in drones, robot submarines, and driverless cars.” 

_Discovered by Claudio Bozzato and Francesco Benvenuto._ 

Talos researchers recently found multiple data integrity vulnerabilities in Buildroot, a tool that automates builds of Linux environments for embedded systems. 

An adversary could carry out a man-in-the-middle attack to exploit TALOS-2023-1845 (CVE-2023-43608) and TALOS-2023-1844 (CVE-2023-45842, CVE-2023-45839, CVE-2023-45838, CVE-2023-45840 and CVE-2023-45841) to execute arbitrary code in the builder. 

As a direct consequence, an attacker could then also tamper with any file generated for Buildroot’s targets and hosts. 

**Malformed Excel file could lead to arbitrary code execution in WPS Office **

_Discovered by Marcin “Icewall” Noga._ 

An uninitialized pointer use vulnerability (TALOS-2023-1748/CVE-2023-31275) exists in the functionality of WPS Office, a suite of software for word and data processing, that handles Data elements in an Excel file.  

A specially crafted malformed Excel file can lead to remote code execution. 

WPS Office, previously known as a Kingsoft Office, is a software suite for Microsoft Windows, macOS, Linux, iOS, Android, and HarmonyOS developed by Chinese software developer Kingsoft. It is installed by default on Amazon Fire tablet devices. 

Talos disclosed this vulnerability in November despite no official fix or patch from Kingsoft after the company did not respond to our notification attempts and failed the 90-day deadline as outlined in Cisco’s third-party vendor vulnerability disclosure policy.

Remote code execution vulnerabilities found in Buildroot, Foxit PDF Reader

By Deeba Ahmed
CISA Warns of Critical Adobe ColdFusion Vulnerability Actively Exploited by Threat Actors.
This is a post from HackRead.com Read the original post: Adobe ColdFusion Flaw Used by Hackers to Access US Govt Servers

Authorities urge Adobe ColdFusion customers to promptly install patches and update their systems.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Cybersecurity Advisory (CSA) alerting organizations to the exploitation of a critical vulnerability in Adobe ColdFusion by unidentified threat actors.

The vulnerability, **CVE-2023-26360**, affects Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier), as well as older ColdFusion installations that Adobe no longer supports.

Exploitation of CVE-2023-26360 allows threat actors to execute arbitrary code on affected systems, posing a significant security risk. The vulnerability was added to CISA’s known exploited vulnerability (KEV) catalogue right after its discovery, and an April 5 deadline was given to agencies to fix the issue. 

Adobe ColdFusion is a widely used software suite for web application development. Hackread has been reporting this vulnerability ever since it was **discovered** in March. We reported in August 2023 that this critical remote code execution (RCE) flaw, which impacts both Windows and macOS platforms, allows attackers to seize control of affected systems, making it a high-severity cybersecurity risk. Adobe **released** security patches to address the following vulnerabilities:

*   APSB23-40
*   APSB23-41
*   APSB23-47

However, FortiGuard Labs observed continued exploitation attempts at that time, indicating that some users had not yet applied the patches.

Now, the same vulnerability has been exploited by unidentified hackers to gain access to two systems within a Federal Civilian Executive Branch (**FCEB**) agency. Reportedly, the FCEB was running outdated versions, including ColdFusion, which made it vulnerable to the exploit. The hackers were able to gain initial access to two public-facing web servers within the agency’s pre-production environment.

At least two public-facing servers within a Federal Civilian Executive Branch (FCEB) agency were **targeted** with this vulnerability between June and July 2023. Here are the details of the attacks:

**June 2:** Initial access, reconnaissance activities (local/domain admin information, network configurations, user details), and deployment of a remote access trojan (**RAT**). Attempts to exfiltrate data, obtain credentials, download data from C2 infrastructure, and change policies were unsuccessful.

**June 26:** Attackers connected through a malicious IP address, exploited the vulnerability, and analysed running processes. They navigated the filesystem, deleted logs, and executed malicious code designed for ColdFusion versions 9 and below (targeting usernames, passwords, and URLs).

The code could enable future attacks and upload additional files from an unknown source. Password decryption was not possible due to the agency’s newer ColdFusion version. Attempts to conceal the web shell also failed.

While the hackers could insert malware and launch a reconnaissance campaign, there is no evidence of data exfiltration or lateral movement. The agency removed the compromised servers from the network within 24 hours of receiving the alert. CISA is yet to clarify whether the two attacks originated from the same operators.

****_RELATED ARTICLES_****

1.  **68% of US Websites Exposed to Bot Attacks**
2.  **Fake Lockdown Mode Exposes iOS Users to Malware Attacks**
3.  **Cyberattack Defaces Israeli-Made Equipment at US Water Agency**
4.  **Hackers Leak Thousands of Idaho National Lab Employees’ PII Data**
5.  **USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data**

Adobe ColdFusion Flaw Used by Hackers to Access US Govt Servers

Red Hat Security Advisory 2023-7662-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.11. Issues addressed include a privilege escalation vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7662.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: Red Hat OpenShift for Windows Containers 6.0.3 security updateAdvisory ID:        RHSA-2023:7662-03Product:            Red Hat OpenShift EnterpriseAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7662Issue date:         2023-12-06Revision:           03CVE Names:          CVE-2023-5528====================================================================Summary: An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.11.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.Security Fix(es):* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)* kubernetes: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes (CVE-2023-5528)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.htmlCVEs:CVE-2023-5528References:https://access.redhat.com/security/updates/classification/#importanthttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003https://bugzilla.redhat.com/show_bug.cgi?id=2243296https://bugzilla.redhat.com/show_bug.cgi?id=2247163https://issues.redhat.com/browse/WINC-1109

Red Hat Security Advisory 2023-7662-03

Microsoft announced it will offer a similar extended security updates program for Windows 10 as it did for Windows 7

The day that Windows 10 machines will get their last security updates is set for October 14, 2025. So if you want to stay secure, you’d have to upgrade to a newer version. Either to Windows 11, which is not all that different, but more demanding when it comes to system requirements. Or to the rumored Windows 12 which might be out by then.

Despite the fact that Windows 11 has been around for a while, market share would have it that Windows 10 is still far more popular. Windows 11 shows a slight increase in usage, but not a very significant one.

Which is strange, since apart from the surprising Copilot introduction, Windows 10 hasn’t seen any major changes. But some people don’t like changes that much. Once they are used to something they want to keep it that way.

So, it makes sense that, similar to the extended security updates program Microsoft offered Windows 7 users years ago, it will now introduce a similar extension program for Windows 10.

The extended security update (ESU) program for Windows 10 is mentioned almost as a footnote in the options users have when end of support (EOS) for Windows 10 comes to light. The suggestions Microsoft offers first are:

*   Upgrade eligible PCs to Windows 11.
*   Purchase new Windows 11 machines.
*   Migrate to the cloud and subscribe to Windows 365.

But how much will the ESU program cost you? Microsoft says that pricing will be provided at a later date. But if the costs for Windows 7 were any indication, the first year came at $70 and doubled each consecutive year, so the third (and last) year was priced at $280. And that was just for security updates. ESUs do not include new features, customer-requested non-security updates, or design change requests.

What will be different this time is that home users will also be able to buy the ESU subscriptions.

Jason Leznek, Principal Product Manager for Windows Servicing and Delivery said:

> “Stay tuned for more ESU program updates as we approach availability, including an ESU program for individual consumers.”

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

 Windows 10 gets its own extended security updates program 

Code injection in Remote Desktop Manager 2023.3.9.3 and earlier on macOS allows an attacker to execute code via the DYLIB_INSERT_LIBRARIES environment variable.











**DEVO-2023-0021****Summary**

Remote Desktop Manager for macOS is affected by a vulnerability.

**Affected Products**

Remote Desktop Manager for macOS 2023.3.9.3 and earlier

**Change Log**

2023-12-06 - Initial publication

**Severity**

Low

**Product**

Remote Desktop Manager macOS

**Fix Version**

2023.3.10.2

**Code injection via environment variable****Description**

Code injection in Remote Desktop Manager 2023.3.9.3 and earlier on macOS allows an attacker to execute code via the DYLIB\_INSERT\_LIBRARIES environment variable.

**Remediation and Workarounds**

Upgrade to Remote Desktop Manager macOS 2023.3.10.2 or higher.

**Severity**

4.8 Medium CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/U:Green

**Affected Products**

Remote Desktop Manager macOS 2023.3.9.3 and earlier

**CVE(s)**

CVE-2023-6288

Tag

#mac