Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the accelerated-mobile-pages domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Deprecated: Optional parameter $options declared before required parameter $ad is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/advanced-ads/classes/display-conditions.php on line 208

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the easy-digital-downloads domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd_cfm domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edds domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Deprecated: Optional parameter $params declared before required parameter $secretWord is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/edd-2checkout/sdk/lib/Twocheckout/TwocheckoutReturn.php on line 6

Deprecated: Optional parameter $insMessage declared before required parameter $secretWord is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/edd-2checkout/sdk/lib/Twocheckout/TwocheckoutNotification.php on line 6

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the Newsmag domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Warning: Cannot modify header information - headers already sent by (output started at /www/cisomagcom_810/public/wp-includes/functions.php:6121) in /www/cisomagcom_810/public/wp-content/themes/Newsmag/functions.php on line 616

Warning: Cannot modify header information - headers already sent by (output started at /www/cisomagcom_810/public/wp-includes/functions.php:6121) in /www/cisomagcom_810/public/wp-includes/feed-rss2.php on line 8
vulnerability fixes Archives - CISO MAG | Cyber Security Magazine Beyond Cyber Security Tue, 20 Oct 2020 16:19:20 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.1 CISA Advises Enterprises to Patch Two Critical Microsoft Vulnerabilities https://staging-cisomagcom.kinsta.cloud/critical-patch-tuesday-vulnerabilities/ Tue, 20 Oct 2020 16:19:20 +0000 https://staging-cisomagcom.kinsta.cloud/?p=7405 Last week, Microsoft released the Patch Tuesday Update for October 2020. For the first time in seven consecutive months it fixed less than 100 vulnerabilities, 87 to be precise. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has taken note of the entire list of fixed vulnerabilities, and on Friday issued an advisory for enterprises’ […]

The post CISA Advises Enterprises to Patch Two Critical Microsoft Vulnerabilities appeared first on CISO MAG | Cyber Security Magazine.

]]> Last week, Microsoft released the Patch Tuesday Update for October 2020. For the first time in seven consecutive months it fixed less than 100 vulnerabilities, 87 to be precise. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has taken note of the entire list of fixed vulnerabilities, and on Friday issued an advisory for enterprises’ specifically asking them to apply required patches for the two Microsoft vulnerabilities – RCE Windows Codecs and Visual Studio Code – in last week’s Patch Tuesday update.

The two CVEs, CVE-2020-17022 and CVE-2020-17023, had a CVSS rating of 7.8 and were highlighted as “important” by Microsoft. Talking about the severity of the vulnerabilities disclosed, Tenable’s Security Response Manager, Rody Quinlan, said, “The former is a remote code execution (RCE) vulnerability in the Microsoft Windows Codecs Library given how it handles objects in memory, specifically versions prior to 1.0.32762.0 or 1.0.32763.0 of the High-Efficiency Video Coding (HVEC) video codecs. However, the latter is an RCE vulnerability in Visual Studio Code that can be triggered by the opening of a malicious “package.json” file. This vulnerability stems from an unsuccessful patch for CVE-2020-16881 released as part of Microsoft’s regular Patch Tuesday updates in September.”

Related News:
October Patch Tuesday Alert! Microsoft Fixes 87 Vulnerabilities Including 11 Critical Ones

Quinlan also explained that although these are RCEs, both require a degree of social engineering to exploit. In the case of CVE-2020-17022, a threat actor would need to convince a victim to use a program to process a maliciously crafted image file. For CVE-2020-17023, a threat actor must convince a victim to clone a repository, with a malicious “package.json” and open it in Visual Studio Code. But there is one similarity between the two. If exploited successfully, either of the vulnerability results in the execution of arbitrary code on the target system.

CISO MAG Endpoint Security SurveyComplete the Endpoint Security Survey and win lots of amazing goodies!

Take the Survey Now!!!

Microsoft does not commonly release out-of-band (OOB) patches. However, in the case of CVE-2020-17022, Microsoft notes, “These updates are for optional apps/components that are offered to customers as a download via the Microsoft Store,” hence the OOB patching approach. For CVE-2020-17022, Microsoft notes, “Affected customers will be automatically updated by Microsoft Store.”

With CVE-2020-17023 requiring an update, coupled with an out-of-band advisory, both CISA and Quinlan have encouraged administrators to patch this vulnerability quickly. While Microsoft highlights that there has been no exploitation observed in the wild, the follow up of the CISA advisory suggests that administrators should review the patches and apply the updates if necessary.

Related News:
CISA Issues Advisory on Mitigating Risks Originating from Tor

The post CISA Advises Enterprises to Patch Two Critical Microsoft Vulnerabilities appeared first on CISO MAG | Cyber Security Magazine.

]]> October Patch Tuesday Alert! Microsoft Fixes 87 Vulnerabilities Including 11 Critical Ones https://staging-cisomagcom.kinsta.cloud/microsoft-patch-tuesday-october-2020/ Thu, 15 Oct 2020 07:20:17 +0000 https://staging-cisomagcom.kinsta.cloud/?p=7353 Like most other tech companies, 2020 has been a tough year for the tech giant Microsoft. In the past seven consecutive months, it has released more than 100 vulnerability fixes in each of its monthly Patch Tuesday updates. If we are to believe, it is probably the support for a distributed workforce that added to […]

The post October Patch Tuesday Alert! Microsoft Fixes 87 Vulnerabilities Including 11 Critical Ones appeared first on CISO MAG | Cyber Security Magazine.

]]> Like most other tech companies, 2020 has been a tough year for the tech giant Microsoft. In the past seven consecutive months, it has released more than 100 vulnerability fixes in each of its monthly Patch Tuesday updates. If we are to believe, it is probably the support for a distributed workforce that added to the strain of fixing certain issues, which weren’t critical previously. However, this busy year seems to be finally getting better as Microsoft’s Patch Tuesday for October 2020 contained only 87 vulnerability fixes, yet 11 critical ones.

What’s Included in Microsoft Patch Tuesday October 2020

The October release exclusively consists of security fixes for the following software:

  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Microsoft JET Database Engine
  • Azure Functions
  • Open Source Software
  • Microsoft Exchange Server
  • Visual Studio
  • PowerShellGet
  • Microsoft .NET Framework
  • Microsoft Dynamics
  • Adobe Flash Player
  • Microsoft Windows Codecs Library
Related Story

Microsoft Fixes 129 Vulnerabilities in its September Patch Tuesday

Tenable’s Staff Research Engineer, Satnam Narang, agrees with our commentary and says, “It has been an unusually busy year for Microsoft Patch Tuesday updates. This month’s Patch Tuesday includes fixes for 87 CVEs, 11 of which are rated critical. It also marks the first time since February that Microsoft patched less than 100 CVEs in a single release. These are positive signs. It means Microsoft is getting secured and much more stable adjusting to the current tech demands in the market.”

A Peep into the Vulnerabilities Fixed

Although discussing all 87 vulnerabilities is beyond the scope of this article, let’s have a look at the most critical ones below. For the complete list refer Microsoft’s Release Notes here.

 CVE-2020-16898 : Windows TCP/IP Remote Code Execution Vulnerability

Dubbed as “Bad Neighbor,” CVE-2020-16898, is a critical remote code execution (RCE) vulnerability within the Windows TCP/IP stack. The vulnerability exists due to improper handling of ICMPv6 Router Advertisement packets using Option Type 25 and an even length field. According to a blog post from McAfee, Microsoft Active Protections Program (MAPP) members were provided with a test script that successfully demonstrates exploitation of this vulnerability to cause a denial of service (DoS). While the test scenario does not provide the ability to pivot to RCE, an attacker could craft a wormable exploit to achieve RCE. While an additional bug would be required to craft an exploit, it is likely that we will see proof-of-concept (PoC) code released in near future.

 CVE-2020-16899 : Windows TCP/IP Denial of Service Vulnerability

This CVE is similar to the previous CVE and results from improper handling of ICMPv6 Router Advertisement packets. To exploit this flaw, an attacker needs to send manipulated ICMPv6 Router Advertisement packets which could cause the system to stop responding. While Microsoft does recommend applying security update to patch this flaw, a workaround is available via a PowerShell command to disable ICMPv6 RDNSS (Recursive DNS Server) in the event the patch cannot be immediately applied.

 CVE-2020-16951, CVE-2020-16952 : Microsoft SharePoint Remote Code Execution Vulnerability

These RCE vulnerabilities in Microsoft SharePoint are a result of a failure to validate an application package’s source markup. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code under the context of the SharePoint application pool and the SharePoint server farm account.

 CVE-2020-16947 : Microsoft Outlook Remote Code Execution Vulnerability

This RCE flaw in Microsoft Outlook occurs due to the improper handling of objects in memory. An attacker can exploit this vulnerability using a crafted email file sent to a user using a vulnerable version of Microsoft Outlook. Because Outlook’s Preview Pane is affected by this flaw, a user does not have to open the message for the vulnerability to be exploited. As Outlook is widely used as an enterprise email solution, it is highly recommended to prioritize the patching of this CVE.

 CVE-2020-16929, CVE-2020-16930, CVE-2020-16931, CVE-2020-16932 : Microsoft Excel Remote Code Execution Vulnerability

To exploit these vulnerabilities, an attacker must create a malicious Excel file and prompt its victim to open the file using a vulnerable version of Microsoft Excel, either by attaching the file to an email or hosting it on a website. Successful exploitation would allow an attacker to gain arbitrary code execution on the vulnerable system with the same rights as the current user. The exploitation of this vulnerability can become critical if the current user has administrative privileges, which could grant the attacker the ability to perform a complete takeover of the vulnerable system.

The post October Patch Tuesday Alert! Microsoft Fixes 87 Vulnerabilities Including 11 Critical Ones appeared first on CISO MAG | Cyber Security Magazine.

]]>