Security News > 2024 > March > Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability
Infosec in brief Cybersecurity researchers informed Microsoft that Notorious North Korean hackers Lazarus Group discovered the "Holy grail" of rootkit vulnerabilities in Windows last year, but Redmond still took six months to patch the problem.
Avast claims Lazarus Group used the vulnerability to obtain read/write primitive on the Windows kernel and install their FudModule rootkit, but Microsoft's opinion on the severity of admin-to-kernel exploits meant it didn't prioritize the matter, waiting until February's patch Tuesday to fix the issue, which it tagged as CVE-2024-21338, with a CVSS score of 8/10. "Some Windows components and configurations are explicitly not intended to provide a robust security boundary," Microsoft states on its Security Servicing criteria page.
Critical vulnerabilities of the week: Better update iOS. The leading critical vulnerabilities this week can be found in a long list of Apple security updates released for iOS and iPadOS versions 17.4 and 16.7.6, the former being the most recent version, and the latter being an older OS still used on some older devices.
Cloud computing can be great or create serious security risks, which is why the US National Security Agency and the Cybersecurity and Infrastructure Security Agency have teamed to share ten tips on how to mitigate risks.
In honor of Women's History Month, the White House National Security Council, Linux Foundation Training and Certification, the Open Source Security Foundation and Cloud Native Computing Foundation have teamed up to help Jordanian women get trained up to join the cybersecurity workforce with a new pilot program.
The initiative will provide 250 Jordanian women access to more than 100 free security courses and around 25 certifications, including ones related to Kubernetes and cloud native security, the Linux Foundation told The Register.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/03/11/infosec_news_in_brief/
Related news
- Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability (source)
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) (source)
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-13 | CVE-2024-21338 | Unspecified vulnerability in Microsoft products Windows Kernel Elevation of Privilege Vulnerability | 7.8 |