Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2024-21431: Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** A hypervisor-protected code integrity (HVCI) security feature bypass vulnerability could exist when Windows incorrectly allows certain kernel-mode pages to be marked as Read, Write, Execute (RWX) even with HVCI enabled. To exploit this vulnerability an attacker could run a specially crafted script at administrator level that exploits a signed driver to bypass code integrity protections in Windows.

Microsoft Security Response Center
Open in Source
#vulnerability#windows#Windows Hypervisor-Protected Code Integrity#Security Vulnerability
CVE-2024-21407: Windows Hyper-V Remote Code Execution Vulnerability

**How would an attacker exploit this vulnerability?** This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server.

CVE-2024-21427: Windows Kerberos Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** The authentication feature could be bypassed as this vulnerability allows impersonation.

CVE-2024-21443: Windows Kernel Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2024-21445: Windows USB Print Driver Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2023-28746: Intel: CVE-2023-28746 Register File Data Sampling (RFDS)

**Why is this Intel CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in certain processor models offered by Intel. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows updates enables the mitigation. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and are not vulnerable to the issue when paired with the firmware update. Please see the following for more information: https://www.intel.com/content/www/us/en/developer/articles/technical/softwaresecurity-guidance/advisory-guidance/register-file-data-sampling.html

Magnet Goblin Hackers Using Ivanti Flaws to Deploy Linux Malware

By Deeba Ahmed Patch Now! One-Day Vulnerabilities Exploited by Magnet Goblin to Deliver Linux Malware! This is a post from HackRead.com Read the original post: Magnet Goblin Hackers Using Ivanti Flaws to Deploy Linux Malware

Sitecore 8.2 Remote Code Execution

Sitecore version 8.2 suffers from a remote code execution vulnerability.

Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read

Adobe ColdFusion versions 2018,15 and below and versions 2021,5 and below suffer from an arbitrary file read vulnerability.

Backdoor.Win32.Beastdoor.oq MVID-2024-0674 Remote Command Execution

Backdoor.Win32.Beastdoor.oq malware suffers from a remote command execution vulnerability.