Microsoft patches a new zero-day affecting all versions of Windows

Microsoft has released security fixes for a zero-day vulnerability affecting all supported versions of Windows that has been exploited in real-world attacks.

The zero-day bug, tracked as CVE-2022-37969, is described as an elevation of privilege flaw in the Windows Common Log File System Driver, a subsystem used for data and event logging. The bug allows an attacker to obtain the highest level of access, known as system privileges, to a vulnerable device.

Microsoft says users running Windows 11 and earlier, and Windows Server 2008 and Windows Server 2012, are affected. Windows 7 will also receive security patches, despite falling out of support in 2020.

Microsoft said the flaw requires that an attacker already has access to a compromised device, or the ability to run code on the target system.

“Bugs of this nature are often wrapped into some form of social engineering attack, such as convincing someone to open a file or click a link,” said Dustin Childs, head of threat intelligence at the Zero Day Initiative (ZDI). “Once they do, additional code executes with elevated privileges to take over a system.”

Microsoft credited four different sets of researchers from CrowdStrike, DBAPPSecurity, Mandiant, and Zscaler for reporting the flaw, which may be an indication of widespread exploitation in the wild.

Dhanesh Kizhakkinan, senior principal vulnerability engineer at Mandiant, told TechCrunch that the company discovered the bug “during a proactive Offensive Task Force exploit hunting mission,” adding that the exploit appears to be standalone and is not part of an attack chain.

Microsoft did not share details about the attacks exploiting this vulnerability and did not respond to our request for comment.

The fixes arrived as part of Microsoft’s regularly scheduled monthly release of security fixes, dubbed Patch Tuesday, which includes a total of 63 vulnerabilities in various Microsoft products, including Microsoft Edge, Office, and Windows Defender.

Microsoft also released patches for a second zero-day flaw, tracked as CVE-2022-23960, which it describes as a cache speculation vulnerability known as “Spectre-BHB” affecting Windows 11 for ARM-based systems. Spectre-BHB is a variant of the Spectre v2 vulnerability, which can allow attackers to steal data from memory.

Earlier this week, Apple moved to patch a zero-day under active attack in iOS and macOS.

Credit belongs to: www.techcrunch.com
