Latest News Latest News

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar.

Read More...

Critical Unpatched VMware Flaw Affects Multiple Corporates Products

VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system.

Read More...

Microsoft Releases Windows Security Updates For Critical Flaws

Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day.

Read More...

Researcher Discloses Critical RCE Flaws In Cisco Security Manager

Cisco has published multiple security advisories concerning critical flaws in Cisco Security Manager (CSM) a week after the networking equipment maker quietly released patches with version 4.22 of the platform.

Read More...

Cisco warns of actively exploited IOS XR zero-days

Cisco warned on Saturday about two zero-day vulnerability impacting the Internetwork Operating System (IOS) that ships with its networking equipment.

Read More...

New Chrome 0-day Under Active Attacks – Update Your Browser Now

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.

Read More...

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices.

Read More...

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity.

Read More...

FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks

A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. "Recent FIN11 intrusions have most commonly led to data theft, extortion and the disruption of victim networks via the distribution of CLOP ransomware".

Read More...

Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs

Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in Windows TCP/IP stack and Microsoft Outlook.

Read More...

Most Viewed News Most Viewed News

Back

Microsoft Issues Patches for 4 Bugs Exploited as Zero-Day in the Wild

It's April 2020 Patch Tuesday, and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely.

Microsoft today released the latest batch of software security updates for all supported versions of its Windows operating systems and other products that patch a total of 113 new security vulnerabilities, 17 of which are critical and 96 rated important in severity.

Patches for 4 Zero-Days Exploited In the Wild

Most importantly, two of the security flaws have been reported as being publicly known at the time of release, and the four are being actively exploited in the wild by hackers.

One of the publicly disclosed flaws, which was also exploited as zero-day, resides in the Adobe Font Manager Library used by Windows, the existence of which Microsoft revealed last month within an early security warning for its millions of users.

Tracked as CVE-2020-1020, the remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.

As explained in the previous post, the affected font library not only parses content when open with a 3rd-party software but also is used by Windows Explorer to display the content of a file in the 'Preview Pane' or 'Details Pane' without having users to open it.

The second in-the-wild exploited remote code execution flaw (CVE-2020-0938) also resides in the Adobe Type Manager Library that triggers when parsing a malicious OpenType font.

Both of these zero-day flaws were reported to Microsoft in the last week of March by researchers working with Google Project Zero but with a very short full disclosure deadline, which was then mutually extended considering the current global circumstances.

The third zero-day is an elevation of privilege vulnerability (CVE-2020-1027) in Windows kernel and the last in the wild exploited issue impacts scripting engine of Internet Explorer versions 9 and 11, where a memory corruption bug (CVE-2020-0968) could let attackers remotely compromise a targeted computer just by convincing the victim into opening a specially crafted website through the vulnerable web browser.

Other New Bugs Microsoft Patched this Month

The second publicly known issue, which was not exploited in the wild, is an important elevation of privilege vulnerability (CVE-2020-0935) that resides in the OneDrive for Windows desktop.

The latest update also includes patches for 5 critical flaws that affect Microsoft Office SharePoint, 4 of which exists due to the failure of the software to check the source markup of an application package, allowing remote attackers to execute arbitrary code on the affected machines.

Whereas, the 5th SharePoint flaw is a cross-site-scripting (XSS) issue (CVE-2020-0927) that can be exploited by an authenticated attacker by sending a specially crafted request to an affected SharePoint server.

There's another notable flaw, tracked as CVE-2020-0910 and rated critical, that affects Windows Hyper-V, allowing a guest virtual machine to compromise the hypervisor, escaping from a guest virtual machine to the host, or escaping from one guest virtual machine to another guest virtual machine.

Besides these, other critical flaws Microsoft patched this month affect Chakra scripting engine, Microsoft Dynamics 365 Business Central, media foundation, graphics components, codecs library and VBScript—all leading to remote code execution attacks.

Windows users and system administrators are highly advised to apply the latest security patches as soon as possible in an attempt to keep cybercriminals and hackers away from taking control of their computers.

For installing the latest Windows security updates, you can head on to Settings → Update & Security → Windows Update → Check for updates on your PC, or you can install the updates manually.


Contact Us Contact Us

Free Call[OH]: 933

Phone Number: +251-993939270,

                            +251-936825343,

                            +251-944-33-68-02

E-mail: ethiocert@insa.gov.et

P.O.Box: 124498

Download PGP Keys


Report an Incident

Values Values

  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving