CVE-2025-55694 Windows Error Reporting Service Elevation of Privilege Vulnerability

...

A week in security (June 17 – June 23)

Last week on Malwarebytes Labs: Microsoft Recall delayed after privacy and security concerns Almost everything you always wanted to know about cybersecurity, but were too afraid to ask, with Tjitske de Vries: Lock and Code S05E13 43% of couples experience pressure to share logins and locations,...

PT-2024-2247

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to March 2024 Patch Tuesday Windows Server 2019 10.0.17763.2300 Description: A vulnerability exists in the Windows Error Reporting Service that allows attackers to gain SYSTEM-level privileges. The...

CVE-2023-36721

Windows Error Reporting Service Elevation of Privilege Vulnerability...

PT-2023-2462 · Microsoft · Windows Error Reporting Service +1

Name of the Vulnerable Software and Affected Versions: Windows Error Reporting Service affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Error Reporting Service, which can be exploited to elevate privileges. This allows an attacke...

PT-2023-1259 · Microsoft · Windows Error Reporting Service +1

Name of the Vulnerable Software and Affected Versions: Windows Error Reporting Service affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Error Reporting Service, which can be exploited to elevate privileges. This allows an attacke...

Partner Perspectives: Insight on Turla PNG Dropper

Editor's Note: This blog originally appeared on NCC Group's website. This is a short blog post on the PNG Dropper malware that has been developed and used by the Turla Group 1. The PNG Dropper was first discovered back in August 2017 by Carbon Black researchers. Back in 2017 it was being used to...