Threat Source newsletter for Aug. 13, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It’s really tough to attribute cyber attacks. We know it. You know it. But why is that, exactly? And why do we want to attribute attacks so badly anyway? In our latest blog post, we look at why attribution is challenging, and what...

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

Two Microsoft vulnerabilities are under active attack, according the software giant’s August Patch Tuesday Security Updates. Patches for the flaws are available for the bugs, bringing this month’s total number of vulnerabilities to 120. One of the flaws being exploited in the wild is CVE-2020-146...

August 2020 Patch Tuesday – 120 Vulnerabilities, 17 Critical, Media Foundation, Windows Codecs, Workstation, Adobe

This month’s Microsoft Patch Tuesday addresses 120 vulnerabilities with 17 of them labeled as Critical. The 17 Critical vulnerabilities cover Media Foundation, .NET Framework, Browsers, Scripting Engines, Office, Outlook, Windows Codecs and several other workstation vulnerabilities. Adobe release...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

CVE-2020-1337 CVE-2020-1337 is a bypass of PrintDemon...

Microsoft Patch Tuesday July 2020: my new open source project Vulristics, DNS SIGRed, RDP Client and SharePoint

I am doing this episode about July vulnerabilities already in August. There are 2 reasons for this. First of all, July Microsoft Patch Tuesday was published in the middle of the month, as late as possible. Secondly, in the second half of July I spent my free time mostly on coding. And I would lik...

Microsoft Tackles 123 Fixes for July Patch Tuesday

A critical DNS bug and a publicly known elevation-of-privilege flaw top Microsoft’s July Patch Tuesday list of 123 fixes. The DNS flaw is a remote code-execution bug and is touted as one of the most critical Windows vulnerabilities released this year, earning the highest-severity CVSS score of 10...

July 2020 Patch Tuesday – 123 Vulnerabilities, 18 Critical, Hyper-V RemoteFX, DNS Server, Workstation, Adobe

This month’s Microsoft Patch Tuesday addresses 123 vulnerabilities with 18 of them labeled as Critical. The 18 Critical vulnerabilities cover Hyper-V, DNS Server, PerformancePoint, SharePoint Server, Office, Outlook, Remote Desktop, and several other workstation vulnerabilities. Adobe issued...

17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers

Cybersecurity researchers today disclosed a new highly critical "wormable" vulnerability—carrying a severity score of 10 out of 10 on the CVSS scale—affecting Windows Server versions 2003 to 2019. The 17-year-old remote code execution flaw CVE-2020-1350, dubbed 'SigRed ' by Check Point, could all...

Microsoft Patch Tuesday for July 2020 — Snort rules and prominent vulnerabilities

By Jon Munshaw. Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its array of products. While only a few vulnerabilities are considered critical, users of all Microsoft and Windows products are urged to update their software as soon as possib...

Microsoft Patch Tuesday June 2020: The Bleeding Ghost of SMB

This time, Microsoft addressed 129 vulnerabilities: 11 critical and 118 important. In fact, in the file that I exported from the Microsoft website, I saw 2 more CVEs CVE-2020-1221, CVE-2020-1328 related to Microsoft Dynamics 365 on-premises. But there is no information on them on the Microsoft...

This Week in Security News: Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update and New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Microsoft’s largest-ever Patch Tuesday update including 129 CVEs. Also, read about a new Android Spyware dubbed ActionSpy. Read...

Threat Source newsletter for June 11, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We are back this week with new content, mainly around Microsoft Patch Tuesday. We have our complete breakdown of all the vulns here, as well as in-depth information on two remote code execution vulnerabilities one of our researche...

Vulnerability Spotlight: Two code execution vulnerabilities in Microsoft Excel

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered two code execution vulnerabilities in Microsoft Excel. Microsoft released updates for these two bugs as part of their Patch Tuesday security update this week. Bo...

Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update

Microsoft has released patches for 129 vulnerabilities as part of its June Patch Tuesday updates – the highest number of CVEs ever released by Microsoft in a single month. Within the blockbuster security update, 11 critical remote code-execution flaws were patched in Windows, SharePoint server,...

June 2020 Patch Tuesday – 128 Vulns, 11 Critical, Sharepoint, Workstation, Adobe Patches

This month’s Microsoft Patch Tuesday addresses 128 vulnerabilities with 11 of them labeled as Critical. The 11 Critical vulnerabilities cover SharePoint server, Browsers, Scripting Engines, Windows, GDI+, OLE and LNK files. Adobe issued patches today for Experience Manager, Flash Player and...

This Week in Security News: How Researchers Used an App Store to Demonstrate Hacks on a Factory and Microsoft Again Surpasses 100 Vulnerabilities on Patch Tuesday

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how researchers at Trend Micro used an app store to demonstrate hacks on a manufacturing facility. Also, learn about this month’s...

Microsoft Patch Tuesday — May 2020: Vulnerability disclosures and Snort coverage

By Jon Munshaw. Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 111 vulnerabilities. Fifteen of the flaws Microsoft disclosed are considered critical. There are also...

Microsoft Patch Tuesday May 2020: comments from VM vendors, promising stuff for phishing, troubles with SharePoint and lulz with Visual Studio

This will be my third Microsoft Patch Tuesday report in video and audio format. And for the third time in a row, Microsoft has addressed over a hundred vulnerabilities. With my Microsoft Patch Tuesday parser, it was possible to generate a report almost on the same day. But, of course, it takes mu...

Microsoft Patch Tuesday, May 2020 Edition

Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if you're running Windows on any of your machines it's time once again ...

Microsoft Addresses 111 Bugs for May Patch Tuesday

Microsoft has released fixes for 111 security vulnerabilities in its May Patch Tuesday update, including 16 critical bugs and 96 that are rated important. Unlike other recent monthly updates from the computing giant this year, none of the flaws are publicly known or under active attack at the tim...