Security News

Today is Microsoft's August 2021 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 44 flaws, so please be nice to your Windows admins as they scramble to installed patches. Microsoft has fixed 44 vulnerabilities with today's update, with seven classified as Critical and 37 as Important.

Patch bypass flaw in Pulse Secure VPNs can lead to total compromiseThe patch for a vulnerability in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found. Vulnerable TCP/IP stack is used by almost 200 device vendorsResearchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack TCP/IP stack, used in OT devices such as the extremely popular Siemens S7 PLCs. A look at the 2021 CWE Top 25 most dangerous software weaknessesThe 2021 Common Weakness Enumeration Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two calendar years.

Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. ProxyShell is the name for three vulnerabilities that perform unauthenticated, remote code execution on Microsoft Exchange servers when chained together.

A free unofficial patch is now available to block attackers from taking over domain controllers and compromising entire Windows domains via PetitPotam NTLM relay attacks. The PetitPotam attack vector that forces Windows machines to authenticate against threat actors' malicious NTLM relay servers using the Microsoft Encrypting File System Remote Protocol was disclosed last month by security researcher Gilles Lionel.

In a Thursday security advisory update, Cisco revealed that a remote code execution vulnerability in the Adaptive Security Device Manager Launcher disclosed last month is a zero-day bug that has yet to receive a security update. Cisco ADSM is a firewall appliance manager that provides a web interface for managing Cisco Adaptive Security Appliance firewalls and AnyConnect Secure Mobility clients.

The patch for a vulnerability in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found. This new patch bypass vulnerability that could lead to remote code execution has been assigned a separate identification number and has been fixed by Ivanti Pulse Secure on Monday.

If you use Microsoft's security only updates each month, be sure to include the security only out-of-band updates for your operating systems, because they must be installed for the PrintNightmare fix; they were not included in the Patch Tuesday set of security only updates. The release of zero-day updates, particularly one of this magnitude, provides an excellent opportunity to validate your emergency patching policies and procedures.

A free unofficial patch has been released to protect Windows users from all new PrintNightmare zero-day vulnerabilities discovered since June. Technical details and a proof-of-concept exploit for a new Windows print spooler vulnerability named 'PrintNightmare' was accidentally disclosed in June.

LAS VEGAS - Microsoft Windows 10 biometric user authentication systems Windows Hello can be bypassed, using a single infrared image of a user's face planted on a tampered clone of an external USB-based webcam. According to research disclosed here at Black Hat USA 2021, the flaw still allows attackers - in some scenarios - to bypass Windows Hello and Windows Hello for Business, used for single-sign-on access to a user's computer and a host of Windows services and associated data.

The software used to control pneumatic tubes in over 3,000 hospitals around the world has nine critical vulnerabilities that could halt hospital operations if exploited by a savvy attacker. Tube systems in hospitals are commonly used to deliver medicine, transport blood and other essential medical supplies, and send lab samples across buildings that would take considerable time to deliver on foot.