An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
Vulnerable Product |
---|
microsoft windows server 2012 r2 |
microsoft windows server 2008 r2 |
microsoft windows 10 1607 |
microsoft windows 8.1 - |
microsoft windows server 2016 - |
microsoft windows 7 - |
microsoft windows rt 8.1 - |
microsoft windows server 2012 - |
microsoft windows 10 - |
microsoft windows server 2008 - |
Microsoft Patch Tuesday – December 2019
Posted: 11 Dec, 2019 | 11 Min Read | Threat Intelligence
This month the vendor has patched 36 vulnerabilities, 7 of which are rated Critical. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required w...
Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan
Posted: 3 Feb, 2022 | 6 Min Read | Threat Intelligence
The attackers spent a significant amount of time on victim networks. Chinese state-backed advanced persistent threat (APT) group Antlion has been targeting financial institutions in Taiwan in a persistent campaign over the course of at least 18 months. The attackers deployed a cust...
Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the exploits and vulnerabilities used in this attack. In the original blog post we described the exploit loader responsible for initial validation of the targe...
In November 2019, Kaspersky technologies successfully detected a Google Chrome 0-day exploit that was used in Operation WizardOpium attacks. During our investigation, we discovered that yet another 0-day exploit was used in those attacks. The exploit for Google Chrome embeds a 0-day EoP exploit (CVE-2019-1458) that is used to gain higher privileges on the infected machine as well as escaping the Chrome process sandbox. The exploit is very similar to those developed by the prolific 0-day develope...
End 2019 with a Patch Tuesday from Microsoft, Adobe, SAP and Intel
With the year winding to a close and the holiday parties set to kick off, admins will want to check out the December Patch Tuesday load from Microsoft, Adobe, Intel, and SAP and get them installed before downing the first of many egg nogs. This month is a relatively small patch bundle from Microsoft, with fixes kicked out for just 36 CVE-listed bugs, only seven of which are considered to be critical risks by Redmond standards. Not among those seven is CVE-2019-1458, a flaw believed to be under a...