#windows

# Microsoft Security Advisory CVE-2024-43499 | .NET Denial of Service Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. The NrbfDecoder component in .NET 9 contains a denial of service vulnerability due to incorrect input validation. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/333 ## <a name="mitigation-factors"></a>Mitigation factors Applications that do not use the NrbfDecoder component are not affected by this vulnerability. By default, .NET console apps and web apps do not reference this component. ## <a name="affected-software"></a>Affected software * Any .NET 9.0 application running on .NET 9.0.0.RC.2 or earlier. ## <a name="affected-packages"></a>Affected Packages The...

November Microsoft Patch Tuesday. 125 CVEs, 35 of which were added since October MSPT. 2 vulnerabilities with signs of exploitation in the wild: 🔻 Elevation of Privilege – Windows Task Scheduler (CVE-2024-49039)🔻 Disclosure/Spoofing – NTLM Hash (CVE-2024-43451) No signs of exploitation, but with a private PoC of the exploit: 🔸 Remote Code Execution – Microsoft […]

The November 2024 Patch Tuesday update contains a substantially high percentage of remote code execution (RCE) vulnerabilities (including a critical issue in Windows Kerberos), and two other zero-day bugs that have been previously disclosed and could soon come under attack.

Microsoft’s November 2024 Patch Tuesday update fixes 91 security vulnerabilities, including four zero-day vulnerabilities. Critical fixes address actively…

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today.

### Summary An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash. ### Details When the library netty is loaded in a java windows application, the library tries to identify the system environnement in which it is executed. At this stage, Netty tries to load both `/etc/os-release` and `/usr/lib/os-release` even though it is in a Windows environment. <img width="364" alt="1" src="https://github.com/user-attachments/assets/9466b181-9394-45a3-b0e3-1dcf105def59"> If netty finds this files, it reads them and loads them into memory. By default : - The JVM maximum memory size is set to 1 GB, - A non-privileged user can create a directory at `C:\` and create files within it. <img width="340" alt="2" src="https://github.com/user-attachments/assets/43b359a2-5871-4592-ae2b-ffc40ac76831"> <img...

There is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a "good old unauthenticated RCE."

Red Hat Security Advisory 2024-9114-03 - An update for gnome-shell and gnome-shell-extensions is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-9092-03 - An update for freerdp is now available for Red Hat Enterprise Linux 9. Issues addressed include heap overflow, integer overflow, and out of bounds read vulnerabilities.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View ME Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local low-privileged user to escalate their privileges by changing the macro to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports that the following versions of FactoryTalk Software are affected: FactoryTalk View ME, when using default folder privileges: v14.0 and prior 3.2 Vulnerability Overview 3.2.1 Improper Input Validation CWE-20 A remote code execution vulnerability exists in FactoryTalk View ME. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code...