Lucene search
K

8 matches found

Information Security Automation
Information Security Automation
added 2024/10/30 10:51 a.m.29 views

What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday?

What is known about the Spoofing - Windows MSHTML Platform CVE-2024-43573 vulnerability from the October Microsoft Patch Tuesday? In fact, just that it is being exploited in the wild. There are no write-ups or public exploits yet. The Acknowledgements section in the Microsoft bulletin is empty. I...

8.1CVSS7AI score0.84345EPSS
Exploits0
Talos Blog
Talos Blog
added 2024/10/10 6:0 p.m.34 views

What NIST’s latest password standards mean, and why the old ones weren’t working

Say goodbye to the days of using the "@" symbol to mean "a" in your password or replacing an "S" with a "$." The U.S. National Institute of Standards and Technology NIST recently announced new guidelines for the ways website and organizations should handle password creation and management that wi...

8.1CVSS9.9AI score0.60954EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/09 6:53 a.m.60 views

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday...

9.8CVSS8.6AI score0.84345EPSS
Exploits5
Talos Blog
Talos Blog
added 2024/10/08 7:4 p.m.44 views

Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities

The largest Microsoft Patch Tuesday since July includes two vulnerabilities that have been exploited in the wild and three other critical issues across the company's range of hardware and software offerings. October's monthly security update from Microsoft includes fixes for 117 CVEs, the most in...

9.8CVSS10AI score0.60954EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2024/10/08 5:35 p.m.29 views

CVE-2024-43573 Windows MSHTML Platform Spoofing Vulnerability

...

6.5CVSS7.2AI score0.44382EPSS
Exploits0References1
CVE
CVE
added 2024/10/08 5:35 p.m.481 views

CVE-2024-43573

CVE-2024-43573 is a Windows MSHTML Platform Spoofing vulnerability. Public sources confirm it affects MSHTML in Windows and that patches were released (Microsoft Update Guide). There is evidence of exploitation in the wild for MSHTML-related spoofing vulnerabilities, including references noting a...

8.1CVSS7.4AI score0.44382EPSS
In wildExploits0References2Affected Software14
Cvelist
Cvelist
added 2024/10/08 5:35 p.m.88 views

CVE-2024-43573 Windows MSHTML Platform Spoofing Vulnerability

...

6.5CVSS0.44382EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/10/08 12:0 a.m.27 views

CVE-2024-43573

Windows MSHTML Platform Spoofing Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

8.1CVSS6.9AI score0.44382EPSS
In wildExploits0References2
Rows per page
Query Builder