21 matches found
Metasploit Wrap-Up
Callback Hell Metasploit has now added an exploit module for CVE-2021-40449, a Windows local privilege escalation exploit caused by a use-after-free during the NtGdiResetDC callback in vulnerable versions of win32k.sys. This module can be used to escalate privileges to those of NT AUTHORITY\SYSTE...
Exploit for Use After Free in Microsoft
CVE-2021-40449 More info here: https://kristal-g.github.io/20...
Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle
Hello everyone! This episode will be about relatively recent critical vulnerabilities. Lets start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didnt get there. Autodiscover leak discovered by Guardicore Labs "Autodiscover, a...
Exploit for Use After Free in Microsoft
CallbackHell Exploit for CVE-2021-40449 Win32k - LPE - Ca...
Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday
Yesterday we told you about Apple’s latest patches. Today we turn to Microsoft and its Patch Tuesday. Microsoft tends to provide a lot of information around its patches and, so, theres a lot to digest and piece together to give you an overview of the most important ones. In total, Microsoft has...
CVE-2021-40449
creationtimestamp| type| source ---|---|--- 2021-10-13 09:10:32+00:00| published-proof-of-concept| https://t.me/orderofsixangles/1628 2021-10-13 11:01:48+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus32/2021 2021-10-13 11:26:25+00:00| seen| https://t.me/reversedungeon/919...
Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack
Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control ov...
CVE-2021-40449
Win32k Elevation of Privilege Vulnerability...
CVE-2021-40449
Win32k Elevation of Privilege Vulnerability...
CVE-2021-40449
CVE-2021-40449 is a Win32k use-after-free local privilege escalation in GreResetDCInternal. The vulnerability arises when a user‑mode callback hook on the driver’s PDEV path (DrvEnablePDEV) can trigger a subsequent ResetDC call, freeing the original device context and causing a kernel‑mode use‑af...
CVE-2021-40449
Win32k Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Microsoft Windows Multiple Vulnerabilities (KB5006714)
This host is missing a critical security update according to Microsoft KB5006714 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB5006743)
This host is missing a critical security update according to Microsoft KB5006743 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Patch Tuesday, October 2021 Edition
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited. This months Patch Tuesday also includes security fixes for the newly released Windows 11 operating system. Separatel...
Windows Zero-Day Actively Exploited in Widespread Espionage Campaign
Researchers have discovered a zero-day exploit for Microsoft Windows that was being used to elevate privileges and take over Windows servers as part of a Chinese-speaking advanced persistent threat APT espionage campaign this summer. The exploit chain ended with a freshly discovered remote access...
MysterySnail attacks with Windows zero-day
Executive Summary In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability CVE-2016-3309,...
KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)
The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
KB5006699: Windows Server 2022 Security Update (October 2021)
The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
KB5006674: Windows 11 Security Update (October 2021)
The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
KB5006732: Windows Server 2012 Security Update (October 2021)
The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself i...