Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114
Dubai Tech News

New Microsoft Windows Zero-Day Attack Confirmed: Update Now

Cybersecurity New Microsoft Windows Zero-Day Attack Confirmed: Update Now Davey Winder Senior Contributor Opinions expressed by Forbes Contributors are their own. Co-founder, Straight Talking Cyber Following New! Follow this author to stay notified about their latest stories. Got it! Sep 14, 2022, 02:35am EDT | New! Click on the conversation bubble to join the conversation Got it! Share to Facebook Share to Twitter Share to Linkedin It’s the second Tuesday of the month, which means Microsoft has started rolling out the latest set of security fixes.

This Patch Tuesday, there’s another Windows zero-day vulnerability already being exploited by attackers, Microsoft has confirmed. Users are advised to apply the security updates as soon as possible. In total, some 63 security vulnerabilities have been identified and patched this month.

Of these, five are flagged as critical and one has been confirmed as already actively exploited by threat actors: CVE-2022-37969 MORE FROM FORBES TikTok Account Takeover App Hack Only Needed 1 Click, Microsoft Says By Davey Winder What is CVE-2022-37969? CVE-2022-3796 has a severity rating of 7. 8 and impacts Windows versions from 7 right up to 11 as well as Windows Server 2008 and 2012. This is an elevation of privilege vulnerability in the Windows Common Log File System.

Microsoft has confirmed that a successful attack could gain system privileges to take control of the machine and that exploit code is available in the wild. MORE FOR YOU iOS 15: Apple Issues 22 Important iPhone Security Updates Widely-Used Hikvision Security Cameras Vulnerable To Remote Hijacking iOS 15 Is Available Now With These Stunning New iPhone Privacy Features Although exploiting CVE-2022-37969 requires access to the target system, and the ability to run code upon it, lowers the risk, it doesn’t mitigate it to anything approaching zero. A threat actor will likely use malware that exploits a different vulnerability or a simple ‘malicious link click’ phishing attack to achieve this access.

Mike Walters, a cybersecurity executive at Action1, says that “since the vulnerability has low complexity and requires no user interaction, an exploit will likely soon be in the arsenal of both white hats and black hats. ” It is therefore highly recommended that you patch this sooner rather than later. “Microsoft credits four different agencies reporting this bug,” Dustin Childs of the Zero Day Initiative says, “so it’s likely beyond just targeted attacks.

” A full list of Microsoft Patch Tuesday CVE’s can be found at ZDI Trend Micro ZDI Other vulnerabilities of note this Patch Tuesday Mike Walters highlights three critical vulnerabilities as further cause for concern. ” CVE-2022-34722 and CVE-2022-34721 are both called Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability, and both have a CVSS score 9. 8, making them critical vulnerabilities.

They both have low complexity for exploitation and allow threat actors to perform the attack with no user interaction. ” But it’s CVE-2022-34724 , a Windows TCP/IP Remote Code Execution Vulnerability that Walters says is more likely to be exploited. “It is a network attack with low complexity, but it affects only systems that are running the IPsec service, so if a system doesn’t need the IPsec service, disable it as soon as possible,” he concludes, “this vulnerability can be exploited in supply chain attacks where contractor and customer networks are connected by an IPsec tunnel.

If you have IPsec tunnels in your Windows infrastructure, this update is a must-have. ” MORE FROM FORBES Google Confirms Chrome Zero-Day #6 As Attacks Begin, Update Now By Davey Winder Follow me on Twitter or LinkedIn . Check out my website or some of my other work here .

Davey Winder Editorial Standards Print Reprints & Permissions.


From: forbes
URL: https://www.forbes.com/sites/daveywinder/2022/09/14/new-microsoft-windows-zero-day-attack-confirmed-update-now/

Exit mobile version