Tag

#windows

CVE-2024-20658: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

**What privileges could an attacker gain with successful exploitation?** An attacker who successfully exploited this vulnerability could gain privilege escalation in the processing of .vhdx files in the Windows Kernel.

Microsoft Security Response Center

Femitter FTP Server 1.03 Denial Of Service

Femitter FTP Server version 1.03 remote denial of service exploit.

Gom Player 2.3.92.5362 Buffer Overflow

Gom Player version 2.3.92.5362 suffers from a buffer overflow vulnerability.

Gom Player 2.3.92.5362 DLL Hijacking

Gom Player version 2.3.92.5362 suffers from a DLL hijacking vulnerability.

Persistence – Event Log

Windows Event logs are the main source of information for defensive security teams to identify threats and for administrators to troubleshoot errors. The logs are…

File Sharing Wizard 1.5.0 Denial Of Service

File Sharing Wizard version 1.5.0 remote denial of service exploit.

Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware

The recent wave of cyber attacks targeting Albanian organizations involved the use of a wiper called No-Justice. The findings come from cybersecurity company ClearSky, which said the Windows-based malware "crashes the operating system in a way that it cannot be rebooted." The intrusions have been attributed to an Iranian "psychological operation group" called Homeland

Themebleed Windows 11 Themes Arbitrary Code Execution

When an unpatched Windows 11 host loads a theme file that references an msstyles file, Windows loads the msstyles file and, if that file's PACKME_VERSION is 999, attempts to load an accompanying DLL whose name ends in _vrf.dll. Before loading that DLL, it verifies that the file is signed: it opens the file for reading and verifies the signature, then opens the file again for execution. Because the check and the load are two discrete operations, the procedure is open to a time-of-check to time-of-use (TOCTOU) vulnerability. By embedding a UNC file path to an SMB server we control, the SMB server can serve a legitimate, signed DLL when queried for the read, but then serve a different file of the same name when the host intends to load/execute the DLL.