May 2020 Patch Tuesday – 111 Vulns, 16 Critical, SharePoint, VS Code, Adobe Patches

Continuing the trend of large Microsoft Patch Tuesdays, this month’s addresses 111 vulnerabilities with 16 of them labeled as Critical. The 16 Critical vulnerabilities cover SharePoint, Browsers, Scripting Engines, Media Foundation, Microsoft Graphics, Microsoft Color Management, and the VS Code...

Microsoft Patch Tuesday April 2020: my classification script, confusing RCE in Adobe Type Manager and updates for older vulnerabilities

Easiest task ever? Making the reviews of Microsoft Patch Tuesday vulnerabilities should be an easy task. All vulnerability data is publicly available. Even better, dozens of reviews have already been written. Just read them, combine and post. Right? Not really. In fact it is quite boring and...

Threat Source newsletter for April 16, 2020

Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It’s what — week 5 of this quarantine in the U.S.? Week 6? We’ve lost count. And so did the Beers with Talos guys. But lucky for you, th...

Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage

By Jon Munshaw. Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 115 vulnerabilities. Nineteen of the flaws Microsoft disclosed are considered critical. The remainder...

April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit

Microsoft has released its April 2020 Patch Tuesday security updates, its first big patch update released since the work-from-home era truly got underway. It’s a doozie, with the tech giant disclosing 113 vulnerabilities. Out of these, 19 are rated as critical, and 94 are rated as important...

Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild

It's April 2020 Patch Tuesday , and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely. Microsoft today released the latest batch of software security updates for a...

TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln

Posted by Maddie Stone, Project Zero INTRODUCTION I’m really interested in 0-days exploited in the wild and what we, the security community, can learn about them to make 0-day hard. I explained some of Project Zero’s ideas and goals around in-the-wild 0-days in a November blog post. On December’s...

Microsoft Patch Tuesday March 2020: a new record was set, SMBv3 “Wormable” RCE and updates for February goldies

SMBv3 "Wormable" RCE Without a doubt, the hottest Microsoft vulnerability in March 2020 is the "Wormable" Remote Code Execution in SMB v3 CVE-2020-0796. The most commonly used names for this vulnerability are EternalDarkness, SMBGhost and CoronaBlue. There was a strange story of how it was...

Automatically Discover, Prioritize and Remediate Microsoft SMBv3 RCE Vulnerability (CVE-2020-0796) using Qualys VMDR

This month’s Patch Tuesday, Microsoft disclosed a critical “wormable” remote code execution RCE vulnerability in Microsoft Server Message Block 3.1.1 SMBv3 protocol. The exploitation of this vulnerability opens systems up to a 'wormable' attack, which means it would be easy to move from victim to...

This Week in Security News: Operation Overtrap Targets Japanese Online Banking Users and Everything You Need to Know About Tax Scams

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the number of ways Operation Overtrap can infect or trap victims with its payload. Also, read about how to protect your personal...

Threat Source newsletter (March 12, 2020)

Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Obviously, COVID-19 is dominating headlines everywhere, and for good reason. We hope everyone out there is staying safe and healthy and...

Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage

By Jon Munshaw and Vitor Ventura. Update March 12, 2020: Microsoft released an out-of-band patch for CVE-2020-0796, a code execution vulnerability SMB client and server for Windows. An unauthenticated attacker could exploit this vulnerability to execute remote code. Snort rules 53425 - 53428...

Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)

This month's Patch Tuesday, Microsoft disclosed a remote code execution vulnerability in SMB 3.1.1 v3 protocol. Even though initial release of the Patch Tuesday did not mention this vulnerability, details of the issue CVE-2020-0796 were published accidentally on another security vendor’s blog...

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history. Of the 115 bugs spanning its various products —...

Microsoft Patches 26 Critical Bugs in Big March Update

Microsoft tackled 115 bug fixes as part of its March Patch Tuesday update – 26 rated critical and 88 rated medium severity. The bugs patched span its product catalog, from Azure DevOps to Windows 10. This month’s haul is notable in its quantity and that there are only a few stand-out bugs causing...

March 2020 Patch Tuesday – 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches

This month’s Microsoft Patch Tuesday addresses 115 vulnerabilities with 26 of them labeled as Critical. Of the 26 Critical vulns, 17 are for browser and scripting engines, 4 are for Media Foundation, 2 are for GDI+ and the remaining 3 are for LNK files, Microsoft Word and Dynamics Business...

Microsoft Exchange Server Flaw Exploited in APT Attacks

Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. If left unpatched, the flaw allows authenticated attackers to execute code remotely with system privileges. The vulnerability in question CVE-2020-0688 exists in the control panel of...

Microsoft Exchange Server Flaw Exploited in APT Attacks

Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. If left unpatched, the flaw allows authenticated attackers to execute code remotely with system privileges. The vulnerability in question CVE-2020-0688 exists in the control panel of...

News Wrap: Valentine's Day Scams and Emotet's Wi-Fi Hack

Threatpost editors Tara Seals and Lindsey O’Donnell-Welch break down the top stories for this week, ended Feb. 14, including: Recent phishing scams – including ones with a romance hook – continue to trick victims, showing that phishing tactics still work in stealing millions from individuals,...

This Week in Security News: February 2020 Patch Tuesday Update and Misconfigured AWS S3 Bucket Leaks 36,000 Inmate Records

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the more than 140 February Patch Tuesday updates from Microsoft and Adobe. Also, read about how an unsecured and unencrypted...