New Zoom Hack Lets Hackers Compromise Windows and Its Login Password
Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic overnight made it one of the most favorite communication tool for millions of people around the globe.
Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions
Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers.
New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts
A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.
Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed
Shortly after releasing its monthly batch of security updates, Microsoft late yesterday separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Server Message Block 3.0 (SMBv3) network communication protocol.
Microsoft Issues March 2020 Updates to Patch 115 Security Flaws
Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history.
Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers
The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices.
GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat
If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it.
New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices
Cyber security researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets.
New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers
OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems.
Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims
Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks.
Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root
Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative ('root') privileges on Linux or macOS systems.
Sudo is one of the most important, powerful, and commonly used utilities that comes as a core command pre-installed on macOS and almost every UNIX or Linux-based operating system.
Sudo has been designed to let users run apps or commands with the privileges of a different user without switching environments.
Sudo Vulnerability (CVE-2019-18634)
The newly discovered privilege escalation vulnerability, tracked as CVE-2019-18634, in question stems from a stack-based buffer overflow issue that resides in Sudo versions before 1.8.26.
According to Vennix, the flaw can only be exploited when the "pwfeedback" option is enabled in the sudoers configuration file, a feature that provides visual feedback, an asterisk (*), when a user inputs password in the terminal.
To be noted, the pwfeedback feature is not enabled by default in the upstream version of sudo or many other packages. However, some Linux distributions, such as Linux Mint and Elementary OS, do enable it in their default sudoers files.
Besides this, when pwfeedback is enabled, the vulnerability can be exploited by any user, even without sudo permissions.
"The bug can be reproduced by passing a large input to sudo via a pipe when it prompts for a password," Sudo developer Todd C. Miller explained. "Because the attacker has complete control of the data used to overflow the buffer, there is a high likelihood of exploitability."
Check If You're Affected and Apply Patches
To determine if your sudoers configuration is affected, you can run "sudo -l" command on your Linux or macOS terminal to find whether the "pwfeedback" option is enabled and listed in the "Matching Defaults entries" output.
If enabled, you can disable the vulnerable component by changing "Defaults pwfeedback" to "Defaults !pwfeedback" in the sudoers configuration file to prevent the exploitation of the privilege escalation vulnerability.
Vennix responsibly reported the vulnerability to the maintainers of Sudo, who late last week released sudo version 1.8.31 with a patch.
"While the logic bug is also present in sudo versions 1.8.26 through 1.8.30 it is not exploitable due to a change in EOF handling introduced in sudo 1.8.26," Miller said.
Apple has also released a patch update for macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.2 last week.
Joe Vennix last year reported a similar impact vulnerability in Sudo that could have been exploited by an attacker to run commands as root just by specifying the user ID "-1" or "4294967295."