Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens

Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager NTLM tokens by tricking a victim into opening a specially crafted Microsoft Access file. The attack takes advantage of a legitimate feature in the database...

Unofficial Patch Released for New Actively Exploited Windows MotW Vulnerability

An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows that makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web MotW protections. The fix, released by 0patch, arrives weeks after HP Wolf Security disclosed a...

State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S

A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw...

Microsoft’s privilege escalation vulnerability that refuses to go away

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here After seven months, a vulnerability that was addressed in August 2021 patch Tuesday remained unpatched. This locally exploited vulnerability is tracked as CVE-2021-34484 and affects the Windows User Profile Service. While...

Microsoft could not patch this vulnerability yet again

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. An improperly patched Windows vulnerability CVE-2021-24084 can lead to local privilege escalation and information disclosure. The vulnerability was disclosed in October 2020 and even after Microsoft addressed this...

CVE-2021-26897

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895. Recent assessments: architect00 at April 14, 2021 6:08am UTC reported: Vulnerability Overview 0patch released a blog article about their micro patch...

Zerologon Patches Roll Out Beyond Microsoft

UPDATE The “perfect” Windows vulnerability known as the Zerologon bug is getting a patch assist from two non-Microsoft sources, as they strive to fill in the gaps that the official fix doesn’t address. They roll out as Microsoft announced that it is tracking active exploitation in the wild. “We...

Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier

A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older. To successfully exploit the zoom vulnerability, all an attacker needs to do is tricking ...

Zoom Zero-Day Allows RCE, Patch on the Way

UPDATE A newly discovered bug in the Zoom Client for Windows could allow remote code-execution, according to researchers at 0patch, which disclosed the existence of the flaw on Thursday after pioneering a proof-of-concept exploit for it. The issue was confirmed for Threatpost by a Zoom...

Zero-Day No More: Windows Bug Gets a Fix

The local privilege-escalation LPE zero-day bug in Microsoft Task Scheduler, disclosed by SandboxEscaper on Twitter in late May by way of making public a fully functioning exploit, now has a micropatch. The interim fix, from 0patch, was issued Tuesday to address the vulnerability. The bug would...

Unpatched Microsoft Zero-Day in JET Allows Remote Code-Execution

A Microsoft zero-day has been uncovered that could allow remote code-execution; and as of now, it remains unpatched. According to Trend Micro’s Zero Day Initiative ZDI, the flaw is an out-of-bounds OOB write in the Microsoft JET Database Engine, which underlies the Microsoft Access and Visual Bas...

In-depth analysis of the N. S. A. took 5 years of IIS vulnerability-vulnerability warning-the black bar safety net

Source: Xuanwu lab Author: Ke Liu of Tencent’s Xuanwu Lab The 1. Vulnerability description 1.1 exploit description 2017 3 November 27, from South China University of technology the Zhiniang Peng and Chen Wu in GitHub 1 discloses an IIS 6.0 vulnerability exploit code, and specify its may 2016 7...

CVE-2017-0037: the IE11&Edge Type Confusion from the PoC to the half of the Exploit-vulnerability warning-the black bar safety net

Some time ago Google Project ZeroPJ0of the exposure a on IE11 and Edge of a type confusion caused by code execution vulnerabilities, Microsoft has not introduced about this vulnerability patch, I am on this vulnerability analysis, and by PoC constructed the half of the Exploit, why is half of it,...

ACROS Security 0patch (0PatchServicex64.exe) Unquoted Service Path Privilege Escalation

Summary 0patch pronounced 'zero patch' is a platform for instantly distributing, applying and removing microscopic binary patches to/from running processes without having to restart these processes much less reboot the entire computer. Description The application suffers from an unquoted search...

ACROS Security 0patch 2016.05.19.539 Privilege Escalation

ACROS Security 0patch 0PatchServicex64.exe Unquoted Service Path Privilege Escalation Vendor: ACROS, d.o.o. Product web page: https://www.0patch.com Affected version: 2016.05.19.539 Summary: 0patch pronounced 'zero patch' is a platform for instantly distributing, applying and removing microscopic...

ACROS Security 0patch 2016.05.19.539 - 0PatchServicex64.exe Unquoted Service Path Privilege Escalation

ACROS Security 0patch 2016.05.19.539 - 0PatchServicex64.exe Unquoted Service Path Privilege Escalation ACROS Security 0patch 0PatchServicex64.exe Unquoted Service Path Privilege Escalation Vendor: ACROS, d.o.o. Product web page: https://www.0patch.com Affected version: 2016.05.19.539 Summary:...

ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Service Path Privilege Escala

Exploit for windows platform in category local exploits ACROS Security 0patch 0PatchServicex64.exe Unquoted Service Path Privilege Escalation Vendor: ACROS, d.o.o. Product web page: https://www.0patch.com Affected version: 2016.05.19.539 Summary: 0patch pronounced 'zero patch' is a platform for...

ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation

ACROS Security 0patch 0PatchServicex64.exe Unquoted Service Path Privilege Escalation Vendor: ACROS, d.o.o. Product web page: https://www.0patch.com Affected version: 2016.05.19.539 Summary: 0patch pronounced 'zero patch' is a platform for instantly distributing, applying and removing microscopic...