[updated] You can update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one

Credit to Author: Pieter Arntz| Date: Wed, 12 Jan 2022 17:02:25 +0000

The first Patch Tuesday of the year 2022 is here. Make sure you’re up to date!

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post [updated] You can update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one appeared first on Malwarebytes Labs.

Read more

Update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one

Credit to Author: Pieter Arntz| Date: Wed, 12 Jan 2022 17:02:25 +0000

The first Patch Tuesday of the year 2022 is here. Make sure you’re up to date!

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post Update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one appeared first on Malwarebytes Labs.

Read more

Google patches zero-day vulnerability, and others, in Android

Credit to Author: Pieter Arntz| Date: Tue, 02 Nov 2021 16:48:46 +0000

Google has patched 39 vulnerabilities, some of which are rated as critical and one that may be under limited, targeted exploitation.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post Google patches zero-day vulnerability, and others, in Android appeared first on Malwarebytes Labs.

Read more

HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11

Credit to Author: Pieter Arntz| Date: Wed, 21 Jul 2021 14:31:50 +0000

HiveNightmare, aka SeriousSAM, allows attackers to extract hashed passwords from Shadow copies of the registry.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11 appeared first on Malwarebytes Labs.

Read more

The 1337est Print Spooler bug fixed in August, 2020’s Patch Tuesday

Credit to Author: Andrew Brandt| Date: Tue, 11 Aug 2020 18:34:52 +0000

Windows fixes address 60 privilege escalations and 33 remote code execution bugs<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/iOX2tG7c-uY” height=”1″ width=”1″ alt=””/>

Read more

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

Credit to Author: msft-mmpc| Date: Mon, 27 Mar 2017 15:00:01 +0000

On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The exploit targeted older versions of Windows and allowed attackers to elevate process privileges on these platforms. In this article, we…

Read more