Tag Archive for: tuesday

Microsoft’s Patch Tuesday for April 2023 closes 97 security bugs, 1 zero-day flaw


Recap: Every second Tuesday of the month, Microsoft rolls out its latest collection of security fixes. Microsoft has used the unofficial name ‘Patch Tuesday’ over the last 20 years to describe the company’s release of security fixes for Windows and other products.

For April 2023, the company’s update focuses on closing multiple vulnerabilities as well as a nasty zero-day flaw.

According to Microsoft’s official security bulletin, patches released in April 2023 provide updates for many Windows components including the Kernel, Win32K API, .NET Core, the Azure cloud platform, Microsoft Office applications, Visual Studio, and Windows Active Directory. All things considered, the latest Patch Tuesday fixes 97 security flaws.

Seven vulnerabilities are classified with a “critical” risk level, as they could be abused to remotely execute potentially malicious code. The Patch Tuesday flaws are classified as follows: 20 elevation of privilege vulnerabilities, eight security feature bypass vulnerabilities, 45 remote code execution vulnerabilities, 10 information disclosure vulnerabilities, nine denial of service vulnerabilities, and six spoofing vulnerabilities.

The list doesn’t include 17 security flaws in Microsoft Edge that were fixed a week ago. A complete report on all the flaws and related advisories has been published by Bleeping Computer. Besides security fixes, on Patch Tuesday Microsoft also rolled out cumulative, non-security updates for Windows 11 (KB5025239) and Windows 10 (KB5025221, KB5025229).

The single zero-day vulnerability is tracked as CVE-2023-28252, or ‘Windows Common Log File System Driver Elevation of Privilege Vulnerability.’ An attacker who successfully exploits this vulnerability could gain system privileges, Microsoft explains, meaning that they could achieve the highest access level available on a Windows OS.

According to security researchers, cyber-criminals are already trying to exploit the CVE-2023-28252 bug to spread the Nokoyawa ransomware to organizations belonging to wholesale, energy, manufacturing, and healthcare industries. The flaw is similar to another privilege escalation bug supposedly fixed by Microsoft in…


Microsoft’s Patch Tuesday update fixes 3 zero-day flaws


Keeping your operating system updated is a great way to fend off cybercriminals. Many Windows updates contain patches that fix vulnerabilities that hackers can exploit. The latest Windows update is no different, as it fixes three dangerous zero-day flaws.

Read on for details on the most recent Microsoft update and how to get it.

Here’s the backstory

Microsoft just rolled out a Windows update for February’s Patch Tuesday, and it’s a big one.

The security update fixes three zero-day exploits and another 74 flaws. A zero-day exploit is a vulnerability that hackers know about and actively use. Nine of the flaws are rated as critical.

According to Nucleus Security, one significant issue is CVE-2023-23529, a WebKit Remote Code Execution flaw.

“An attacker would need to convince a user to visit a malicious application from a vulnerable device to exploit the vulnerability, which appears to have the potential to lead to local code execution,” Nucleus explains in a blog post.

In total, the critical Windows update fixes:

  • 12 Elevation of Privilege flaws.
  • Two Security Feature Bypass flaws.
  • 38 Remote Code Execution flaws.
  • Eight Information Disclosure flaws.
  • 10 Denial of Service flaws.
  • Eight Spoofing flaws.

How to update Windows 10 and Windows 11

You must frequently check your operating system to see if there are any updates available. The best way to ensure you remain protected is to set Windows to download updates automatically.

If you don’t use that setting, here’s how to manually update Windows 10:

  • Click the Start button > Settings > Update & Security > Windows Update
  • Then select Check for updates. If an update is available, select Download and install now.

Even though this update is specifically for Windows 10, you might have missed a few patches on your Windows 11 computer. 

Here’s how to update Windows 11:

  • Go to Start > Settings > Windows Update > Check for updates.
  • If an update is available, select Download and install now.

Remember that some updates require a restart, so save any work or open…


Week in review: 7 cybersecurity audiobooks to read, Patch Tuesday forecast


Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

MS Exchange zero-days: The calm before the storm?
CVE-2022-41040 and CVE-2022-41082, the two exploited MS Exchange zero-days that still have no official fix, have been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog.

October 2022 Patch Tuesday forecast: Looking for treats, not more tricks
We’ve entered the final quarter of 2022 with a favorite holiday for many – Halloween, at the end of the month. Unfortunately, Microsoft has continued to play a few tricks on us. Several Microsoft Exchange Server vulnerabilities have been reported and exploited, and the Windows 11 rollout and updates have been a little ‘rocky’.

7 cybersecurity audiobooks you should listen to this year
Audiobooks have gained enormous popularity among book lovers for a variety of factors, including their convenience, which enables listeners to learn while running errands or traveling. Here’s a list of cybersecurity audiobooks that are worthy of your time.

How to start and grow a cybersecurity consultancy
A cybersecurity industry veteran, Praveen Singh is the co-founder and Chief Information Security Advisor at CyberPWN Technologies, a digital defense consulting firm. In this interview with Help Net Security, he offers insight for anyone interested in building their own cybersecurity consultancy.

Many IT pros don’t think a ransomware attack can impact Microsoft 365 data
Nearly a quarter of businesses have suffered a ransomware attack, with a fifth occurring in the past 12 months, according to Hornetsecurity.

CISA orders federal agencies to regularly perform IT asset discovery, vulnerability enumeration
A new directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) is ordering US federal civilian agencies to perform regular asset discovery and vulnerability enumeration, to better account for and protect the devices that reside on their networks.

To avoid insider threats, try empathy
In this interview with Help Net Security, Nathan Hunstad, Deputy CISO at Code42, explains the importance of addressing insider threats, how to make sure your employees are aware of the…


Week in review: Spot deep-faked job candidates, data exfiltration via bookmarks, Patch Tuesday forecast


Cybersecurity news

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Browser synchronization abuse: Bookmarks as a covert data exfiltration channel
Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make users’ lives easier, but may also allow hackers to establish a covert data exfiltration channel.

Ransomware gangs are hitting roadblocks, but aren’t stopping (yet)
Ransomware attacks are in decline, according to reports by several cybersecurity companies. Why is that?

Cyberattack prevention is cost-effective, so why aren’t businesses investing to protect?
In this Help Net Security interview, former Pentagon Chief Strategy Officer Jonathan Reiber, VP Cybersecurity Strategy and Policy, AttackIQ, offers insight for CISOs – from talking to the Board to proper budget allocation.

August 2022 Patch Tuesday forecast: Printers again?
Looking ahead to next week, we have a server end-of-life and still more updates that can impact printers.

How to minimize your exposure to supply chain attacks
Supply chain attacks are on the rise, and many organizations seem unsure how to respond to the threat. Here are several steps you can take to minimize your risk of being involved in a supply chain breach.

The most impersonated brand in phishing attacks? Microsoft
Vade announced its H1 2022 Phishers’ Favorites report, a ranking of the top 25 most impersonated brands in phishing attacks.

6 ways your cloud data security policies are slowing innovation – and how to avoid that
As practically every organization shifts from managing their data in network-based data centers to storing it in the cloud, cloud data security policies are created to secure this data in a cloud environment. With more and more data migrating to the cloud, these policies must adapt to a wide range of data stores, locations, uses and environments.

Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and…
