Patchday: attackers exploit six security vulnerabilities in Windows

Attackers are currently exploiting six security vulnerabilities in various Windows and Windows Server versions. In some cases, malicious code could land on systems. If that happens, attackers usually gain full control over the computer. According to Microsoft, another vulnerability is publicly known. Attacks could be imminent.

Admins and Windows users should ensure that the current security patches are installed via Windows Update. In addition, there are patches for .NET Core, Edge, Hyper-V, Office, SharePoint and Visual Studio. In total, Microsoft has published 50 security patches. A compact overview of all updates on this patchday can be found in the blog of Trend Micro's Zero Day Initiative.

Attention: attacks!

Three of the currently actively exploited vulnerabilities are rated with the threat level "high". They relate to Windows MSHTML Platform (CVE-2021-33742), Microsoft DWM Core Library (CVE-2021-33739) and Windows NTFS (CVE-2021-31956).

According to Microsoft, the MSHTML vulnerability threatens the Windows versions still in support. The flaw is in the Trident (MSHTML) engine, which other applications use besides Internet Explorer. For a successful attack, attackers have to lure victims to a prepared website. This could then lead to the execution of malicious code. The extent of the attacks is currently unknown.

If attackers successfully exploit the DWM Core and NTFS vulnerabilities, they could acquire high user rights. The three other exploited vulnerabilities relate to Microsoft Enhanced Cryptographic Provider and Windows Kernel. They are rated with the threat level "medium". An attacker could leak information or obtain higher user rights.

Also dangerous

A vulnerability (CVE-2021-31968) in Windows Remote Desktop Services (RDP) is already publicly known, so DoS attacks could be imminent. Other vulnerabilities that Microsoft rates as particularly threatening can be found in Defender, Scripting Engine, SharePoint and VP9 Video Extensions. In these components, remote code execution attacks could occur.
