Security News > 2020 > July

A threat actor can exploit SigRed vulnerability by sending crafted malicious DNS queries to a Windows DNS server and achieve arbitrary code execution, enabling the hacker to intercept and manipulate users' emails and network traffic, make services unavailable, harvest users' credentials and much more. Crafting Malicious DNS Responses Stating that the objective was to identify a vulnerability that would let an unauthenticated attacker compromise a Windows Domain environment, Check Point researchers said they focused on Windows DNS, specifically taking a closer look at how a DNS server parses an incoming query or a response for a forwarded query.

Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization. Some 18 of those CVE-listed security flaws are considered critical, meaning remote code execution is possible without user interaction.

Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, "Wormable" flaw in Windows Server versions that Microsoft says is likely to be exploited soon. A full 17 other critical flaws fixed in this release tackle security weaknesses that Microsoft assigned its most dire "Critical" rating, such as in Office, Internet Exploder, SharePoint, Visual Studio, and Microsoft's.

A critical DNS bug and a publicly known elevation-of-privilege flaw top Microsoft's July Patch Tuesday list of 123 fixes. "A remote, unauthenticated attacker could exploit this vulnerability by sending a malicious request to a vulnerable Windows DNS server. Successful exploitation would allow the attacker to execute arbitrary code under the local system account context," wrote Satnam Narang, staff research engineer at Tenable, in the company's Patch Tuesday analysis.

SAP customers should update their installations to close a security vulnerability that can be exploited to commandeer the software by anyone who can reach it. Dubbed RECON, aka Remotely Exploitable Code On NetWeaver, by its discoverers, security shop Onapsis, the bug in SAP's NetWeaver AS JAVA allows a remote unathenticated hacker to take over a vulnerable NetWeaver-based system by creating admin accounts without any authorization.

Adobe has released its scheduled July 2020 security updates, covering flaws in five different product areas: Creative Cloud Desktop; Media Encoder; Download Manager; Genuine Service; and ColdFusion. "Updates to both Adobe Download Manager and Media Encoder address critical vulnerabilities that could lead to arbitrary code execution," Justin Knapp, product marketing manager at Automox, told Threatpost.

Trustwave's security researchers have discovered another malware family delivered through tax software that Chinese banks require companies doing business in the country to use. The discovery comes only weeks after the security firm published information on GoldenSpy, a backdoor delivered via the Intelligent Tax application produced by the Golden Tax Department of Aisino Corporation.

Video cameras can be used in a variety of situations beyond simple surveillance, says research firm IDC. The demand for video surveillance cameras is expected to jump over the next few years, according to new data released by IDC on Tuesday. Differing somewhat from traditional security and closed-circuit television cameras, video surveillance cameras typically work in conjunction with security systems and are often internet-connected so people can monitor the feed from anywhere.

Whonix is a Linux desktop dedicated to absolute security and privacy. Find out how to use this unique take on the desktop operating system.

Adobe has patched over a dozen vulnerabilities in its Creative Cloud, Media Encoder, Genuine Service, ColdFusion and Download Manager products. In the Windows version of Download Manager, Adobe fixed a critical command injection issue that could lead to arbitrary code execution, the company said in an advisory.