Tag Archive for: patch

Microsoft’s February 2024 Patch Tuesday Addresses 2 Zero-Days and 73 Vulnerabilities

/in


Microsoft has released a substantial set of patches in its February 2024 Patch Tuesday. This update is particularly significant as it addresses a total of 73 vulnerabilities, which includes two zero-day exploits that have been detected in active use by cyber criminals. Among the vulnerabilities patched, five have been classified as critical due to their potential to cause serious harm, such as denial of service, remote code execution, information disclosure and elevation of privileges. Read on for more details.  

What are the zero-days mentioned in Microsoft’s February 2024 Patch Tuesday?  

The two zero-day vulnerabilities that have been actively exploited are particularly concerning: 

  • CVE-2024-21351: This is a Windows SmartScreen bypass vulnerability. SmartScreen is designed to warn users about running unrecognized applications that could potentially be harmful. The exploitation of this vulnerability could lead to unauthorized data exposure or render systems unavailable. 
  • CVE-2024-21412: This vulnerability is a security feature bypass flaw. It allows attackers to carry out their attacks without triggering the security checks that are in place to prevent such incidents. 

The implications of these vulnerabilities are severe, as they can be used to compromise user data, disrupt business operations and gain unauthorized access to sensitive information. The complete list of resolved vulnerabilities in the February 2024 Patch Tuesday updates can be viewed in the full report. 

What is Nuspire doing? 

In response to these updates, Nuspire has taken immediate action by applying the patches as recommended by the vendor. In addition to patching, Nuspire’s security team is actively threat hunting within client environments to detect any signs of compromise that might indicate the exploitation of these vulnerabilities. 

What should I do? 

It is crucial for organizations to take proactive measures to protect their systems and data from these vulnerabilities. Here are the recommended steps: 

  • Prioritize Patching: Given the active exploitation of the two zero-days, organizations should prioritize patching these vulnerabilities. The sooner these patches are applied, the less…

Source…

DarkMe Malware Exploits Windows Defender Vulnerability: Microsoft Issues Patch

/in


Cybersecurity firm Trend Micro’s Zero Day Initiative recently unmasked a critical vulnerability, designated as CVE 2024-21412, that enabled the notorious APT group Water Hydra to circumvent Microsoft Defender SmartScreen and unleash the DarkMe malware upon unsuspecting victims. In a timely response, Microsoft has since patched the vulnerability, and Trend Micro now offers protection against this insidious threat.

The DarkMe Malware: A Sinister Force Unleashed

The DarkMe malware, a formidable adversary in the cyber world, has gained notoriety for its ability to infiltrate systems and wreak havoc on a grand scale. This malware variant, also known as TrojanWin32Powessere.G or ‘POWERLIKS’, typically employs the rundll32.exe file to execute its nefarious operations. Under normal circumstances, Windows Defender thwarts such attempts, presenting attackers with an ‘Access is denied’ error message.

However, the recently discovered vulnerability has provided a chink in Windows Defender’s armor, allowing the DarkMe malware to slip through the cracks and infect countless systems. By inserting multi-commas (,,) when referencing mshtml, cybercriminals found a way to bypass the mitigation measures, enabling the trojan to execute successfully and leaving victims at the mercy of the Water Hydra APT group.

The Vulnerability: A Critical Flaw in Windows Defender SmartScreen

The vulnerability, classified as having a high severity rating, requires local network access to be exploited. This means that an attacker must first gain entry to a victim’s network before they can capitalize on the flaw. Once inside, the attacker can then leverage the vulnerability to bypass Windows Defender SmartScreen, paving the way for the DarkMe malware to infiltrate the system.

The discovery of this vulnerability has sent shockwaves through the cybersecurity community, as it highlights the ever-evolving nature of the threats we face in today’s digital landscape. As cybercriminals continue to refine their tactics and develop new methods of attack, it’s crucial that cybersecurity professionals remain vigilant and proactive in their efforts to protect against such…

Source…

Motorola Rolls Out Android 14 Beta On Moto G54 5G; Features New Security Patch

/in


The Moto G54 5G has started to receive the Android 14 (Beta) update, along with December 2023 security patch and a firmware version of U1TD34.68. Check details here.

New Delhi: Exciting news for Moto G54 users! The Motorola phone with and MediaTek Dimensity 7020 has received the Android 14 Beta update for Indian users. This 1.6 GB update is bundled with the December 2023 security patch and firmware version U1TD34.68 that has made the smartphone more secure. Notably, Moto G54 was launched in India in September last year, and came with pre-installed Android 13 out of the box. Here are details on the features on the new OS update.

Advertising




Advertising

All New Android 14 Beta On Moto G54 5G

The latest Android version is an upgrade to the existing Android 13, which was pre-installed on the smartphone at the time of its launch in India. The update includes a new firmware version, U1TD34.68, and a security patch to protect users from potential vulnerabilities and threats. The features also include advanced memory protection to shield the device from exploits on Armv9 silicon and other new ones. Here is the updated changelog for Android 14 Beta for the Moto G54 5G.

Also Read

More Technology News

Android 14 Beta (U1TD34.68) Changelog:

Personalisation:

  • More Personalisation Options: You have more options to customise the theme, look, and feel of your smartphone, for example, lock screen clock styles, app icons, and notification bubbles.
  • Custom Lock Screen Shortcuts: You can add quick access to your most used features, say a QR reader or Google Home, directly on your lock screen.
  • Curated Lock Screen Themes: You can choose from a selection of pre-made themes that adapt to your wallpaper and preferences, all up to you.

Accessibility:

  • Larger Fonts: Now you can scale text up to 200% for improved readability.
  • Non-linear Font Scaling: This feature ensures that only the text you need gets bigger,…

Source…

Samsung Galaxy A32 5G gets updated with December 2023 security patch

/in


While other phones are getting the Android 14 update, older Galaxy phones that are not eligible for that update are getting the December 2023 security update. One such phone is the Galaxy A32 5G. The device is getting the December 2023 security update in several Latin American countries.

Galaxy A32 5G gets December 2023 security update in Latin America

The December 2023 security update is now rolling out to the Galaxy A32 5G, and it comes with firmware version A326BXXS9CWK9. The update is available in Brazil, Chile, Colombia, and the Dominican Republic. It fixes 75 security flaws found in the previous version of the phone’s software. Since it is just a security update, don’t expect it to bring any new features or performance improvements.

If you have a Galaxy A32 5G and if you live in any of the Latin American countries mentioned above, you can now check for the new security update. You can do that by navigating to Settings » Software update and tapping Download and install. You can also use the manual firmware flashing process, but you would need to download the appropriate firmware file (version mentioned above) from our database and use the Odin tool on a computer running the Windows OS.

Samsung launched the Galaxy A32 5G in early 2021 with Android 11 onboard. It received the Android 12 update later that year and the Android 13 update in late 2022. It will not get the Android 14 update that has been released for several Samsung smartphones and tablets.

If you want to check out Android 14 (One UI 6.0) features, watch our in-depth video below. Moreover, you can upgrade from your Galaxy A32 5G to the Galaxy A34 by clicking the button below the video.

Source…