Tag: #windows
Path resolution in `hyper-staticfile` did not correctly validate Windows paths: a request path such as `/foo/bar/c:/windows/web/screen/img101.png` was accepted and answered with the contents of `c:/windows/web/screen/img101.png`, because on Windows a drive-letter component turns the joined path into an absolute one. Users could therefore read files anywhere on the filesystem. This only affects Windows; Linux and other Unix-likes are not impacted.
A firewall rule that allows all incoming TCP connections to all programs, from any source and to all ports, is created in Windows Firewall after the Zabbix agent is installed from the MSI package.
The Cap'n Proto library and the capnp Rust package are vulnerable to an out-of-bounds read due to a logic error in handling list-of-list data. If a message consumer expects data of type "list of pointers", and if the consumer performs certain specific actions on such data, then a message producer can cause the consumer to read out-of-bounds memory. This could trigger a process crash in the consumer, or in some cases could allow exfiltration of private in-memory data.

Impact
======
- Remotely segfault a peer by sending it a malicious message, if the victim performs certain actions on a list-of-pointer type.
- Possible exfiltration of memory, if the victim performs additional certain actions on a list-of-pointer type.
- To be vulnerable, an application must perform a specific sequence of actions, described below. At present, **we are not aware of any vulnerable application**, but we advise updating regardless.

Fixed in
========
Unfortunately, the bug is present in inlined code, therefore the fix will...
Categories: Podcast. This week on Lock and Code, we explore why security advisories, which businesses rely on to inform them about security patches, are falling short of their intended goals. The post "Security advisories are falling short. Here's why, with Dustin Childs: Lock and Code S03E25" appeared first on Malwarebytes Labs.
Drupal H5P module versions 2.0.0 and below suffer from a path traversal vulnerability when handling zipped filenames on Windows.
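Both the `hyper-staticfile` advisory above and this H5P one come down to the same mistake: a `/`-only traversal check that ignores the two extra ways Windows can escape a directory, a drive-letter component (`c:`) that makes a joined path absolute, and `\` acting as a separator. The function below is an added example, not code from either project, written in Rust because the first advisory concerns a Rust crate (the check itself is language-agnostic). `safe_join`, `PathError` and the document root `/srv/www` are names and values chosen for this example.

```rust
// Added example: portable validation of an untrusted path (HTTP request path
// or zip entry name) before joining it onto a document root. Not code from
// hyper-staticfile or the Drupal H5P module; `safe_join` and `PathError` are
// names chosen for this example.
use std::path::{Path, PathBuf};

#[derive(Debug, PartialEq, Eq)]
pub enum PathError {
    /// Segment contains ':'. On Windows that is a drive letter (`c:`), which
    /// would make the joined path absolute, or an NTFS alternate data stream
    /// (`file.txt:stream`). Neither belongs in a relative path below a root.
    DriveLetterOrStream,
    /// A `..` segment would walk out of the root.
    ParentTraversal,
    /// An embedded NUL would silently truncate the path at the OS boundary.
    EmbeddedNul,
}

/// Join `untrusted` onto `root` so the result always stays below `root`, on
/// Windows and Unix alike. Callers must percent-decode request paths first
/// (`%2e%2e` -> `..`); decoding after this check would reintroduce the very
/// segments it rejects.
pub fn safe_join(root: &Path, untrusted: &str) -> Result<PathBuf, PathError> {
    if untrusted.contains('\0') {
        return Err(PathError::EmbeddedNul);
    }
    // Windows treats '\' as a separator and zip archives written on Windows
    // routinely contain it. Normalise before splitting: a '/'-only split sees
    // `..\..\x` as one harmless segment on Unix but as traversal on Windows.
    let normalized = untrusted.replace('\\', "/");

    let mut out = root.to_path_buf();
    for seg in normalized.split('/') {
        match seg {
            // A leading '/', doubled separators and '.' carry no information.
            "" | "." => continue,
            ".." => return Err(PathError::ParentTraversal),
            s if s.contains(':') => return Err(PathError::DriveLetterOrStream),
            // Only a plain relative component reaches `push`, so it can never
            // replace the accumulated path the way an absolute one would.
            s => out.push(s),
        }
    }
    Ok(out)
}

fn main() {
    let root = Path::new("/srv/www"); // constructed document root
    for p in [
        "/css/./site.css",
        "/foo/bar/c:/windows/web/screen/img101.png", // the request from the advisory
        "..\\..\\sites\\default\\settings.php",       // Windows-style zip entry name
        "C:\\evil.txt",
    ]
    .iter()
    {
        println!("{p:?} -> {:?}", safe_join(root, p));
    }
}
```

Rejecting `..` outright rather than normalising it is deliberate: a static file server or archive extractor has no legitimate reason to accept parent references, and refusing them avoids any dependence on how the host OS canonicalises the path.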
Zillya Total Security versions 3.0.2367.0 and 3.0.2368.0 suffer from a local privilege escalation vulnerability via a symlink attack against the quarantine module.
A single improperly formatted command has effectively killed KmsdBot botnet, security vendor says.
A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices and courts. "Although it disguises itself as a ransomware and extorts money from the victim for 'decrypting' data, [it] does not actually encrypt, but purposefully destroys data in the affected system," Kaspersky researchers Fedor Sinitsyn and Janis Zinchenko said in a
The Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure to deliver a previously undocumented version of the AppleJeus malware, according to new findings from Volexity. "This activity notably involves a campaign likely targeting cryptocurrency users and organizations with a variant of the AppleJeus malware by way of malicious Microsoft Office documents,"
Categories: News. Tags: week in security, iSpoof, Cyber Monday threats, TikTok malware, TikTok, MDR, fake Friendster, South Dakota, Cuba ransomware, ransomware, FCC. The most interesting security related news from the week of November 28 to December 4. The post "A week in security (November 28 - December 4)" appeared first on Malwarebytes Labs.