Security News
Details and PoC for critical SharePoint RCE flaw releasedA "Wormable" remote code execution flaw in the Windows DNS Server service temporarily overshadowed all the other flaws patched by Microsoft on July 2020 Patch Tuesday, but CVE-2020-1147, a RCE affecting Microsoft SharePoint, was also singled out as critical and requiring a speedy fix. Microsoft releases new encryption, data security enterprise toolsMicrosoft has released several new enterprise security offerings to help companies meet the challenges of remote work.
Tracked as CVE-2020-1147 and considered critical severity, the bug occurs when the software doesn't check the source markup of XML file input. "The vulnerability is found in the DataSet and DataTable types which are.NET components used to manage data sets," the software giant revealed in an advisory published last week.
Last week, a "Wormable" remote code execution flaw in the Windows DNS Server service temporarily overshadowed all the other flaws patched by Microsoft on July 2020 Patch Tuesday, but CVE-2020-1147, a RCE affecting Microsoft SharePoint, was also singled out as critical and requiring a speedy fix. Implementing the offered security updates has since become even more urgent, as more exploitation details and a PoC have been released on Monday.
A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.
The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency has warned Windows users that a recently released proof-of-concept exploit for the vulnerability tracked as SMBGhost has been abused to launch attacks. The flaw affects Windows 10 and Windows Server and it can be exploited for denial-of-service attacks, local privilege escalation, and arbitrary code execution.
A proof-of-concept exploit has been made public for a recently patched vulnerability in OpenSSL that can be exploited for denial-of-service attacks. OpenSSL versions 1.1.1d, 1.1.1e and 1.1.1f are affected by a high-severity vulnerability that has been described as a segmentation fault in the SSl check chain function.
Proof-of-concept exploits have been released for two recently patched Remote Desktop Gateway vulnerabilities that can be exploited for remote code execution. Remote Desktop Gateway is a Windows Server component previously known as Terminal Services Gateway.
Last week, Threatpost conducted a reader poll and almost 60 percent of 230 security pundits thought it was a "Good idea" to publish PoC code for zero days. Joseph Carson, chief security scientist at Thycotic, told Threatpost that while he thinks PoC exploits can have a positive impact, "It is also important to include what defenders can do to reduce the risks such a methods to harden systems or best practices."
The practice of disclosing proof-of-concept exploits has long caused a debate in the security community. Just this past week, a slew of PoC exploits were published for various vulnerabilities, including ones for a recently patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft; and for critical flaws impacting the Cisco Data Center Network Manager tool for managing network platforms and switches.
Tom: Well, yeah, I will say that in a situation when you have a zero day or you have an unpatched vulnerability, I could make an argument that it is irresponsible and you know the disclosure of a PoC might be better suited for a bad channel as opposed to a chest-beating researcher who just wants some fame and maybe not so much fortune. I think it was called Cable Haunt and it was in multiple cable modems that are used by ISPs to provide broadband into homes so you know what's going on there?