Month: April 2019

MicrosoftSecurity

Analysis of a targeted attack exploiting the WinRar CVE-2018-20250 vulnerability

Credit to Author: Eric Avena| Date: Wed, 10 Apr 2019 15:00:58 +0000

A complex attack chain incorporating the CVE-2018-20250 exploit and multiple code execution techniques attempted to run a fileless PowerShell backdoor that could allow an adversary to take full control of compromised machines.

The post Analysis of a targeted attack exploiting the WinRar CVE-2018-20250 vulnerability appeared first on Microsoft Security.

Read More
IndependentKrebs

Patch Tuesday Lowdown, April 2019 Edition

Credit to Author: BrianKrebs| Date: Wed, 10 Apr 2019 00:07:33 +0000

Microsoft today released fifteen software updates to fix more than 70 unique security vulnerabilities in various flavors of its Windows operating systems and supported software, including at least two zero-day bugs. These patches apply to Windows, Internet Explorer (IE) and Edge browsers, Office, Sharepoint and Exchange. Separately, Adobe has issued security updates for Acrobat/Reader and Flash Player.

Read More