Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability
Infosec in brief: Cybersecurity researchers informed Microsoft that notorious North Korean hackers Lazarus Group discovered the "holy grail" of rootkit vulnerabilities in Windows last year, but Redmond still took six months to patch the problem.
Avast claims Lazarus Group used the vulnerability to obtain a read/write primitive on the Windows kernel and install its FudModule rootkit, but Microsoft's opinion on the severity of admin-to-kernel exploits meant it didn't prioritize the matter. It waited until February's Patch Tuesday to fix the issue, which it tagged as CVE-2024-21338, with a CVSS score of 8/10. "Some Windows components and configurations are explicitly not intended to provide a robust security boundary," Microsoft states on its Security Servicing criteria page.
Critical vulnerabilities of the week: Better update iOS. The leading critical vulnerabilities this week can be found in a long list of Apple security updates released for iOS and iPadOS versions 17.4 and 16.7.6, the former being the most recent version, and the latter being an older OS still used on some older devices.
Cloud computing can be great or create serious security risks, which is why the US National Security Agency and the Cybersecurity and Infrastructure Security Agency have teamed up to share ten tips on how to mitigate risks.
In honor of Women's History Month, the White House National Security Council, Linux Foundation Training and Certification, the Open Source Security Foundation and Cloud Native Computing Foundation have teamed up to help Jordanian women get trained up to join the cybersecurity workforce with a new pilot program.
The initiative will provide 250 Jordanian women access to more than 100 free security courses and around 25 certifications, including ones related to Kubernetes and cloud native security, the Linux Foundation told The Register.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/03/11/infosec_news_in_brief/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-13 | CVE-2024-21338 | Unspecified vulnerability in Microsoft products Windows Kernel Elevation of Privilege Vulnerability | 7.8 |