Security News

17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers
2020-07-15 01:02

A threat actor can exploit the SigRed vulnerability by sending crafted malicious DNS queries to a Windows DNS server and achieve arbitrary code execution, enabling the hacker to intercept and manipulate users' emails and network traffic, make services unavailable, harvest users' credentials and much more. Stating that the objective was to identify a vulnerability that would let an unauthenticated attacker compromise a Windows Domain environment, Check Point researchers said they focused on Windows DNS, specifically taking a closer look at how a DNS server parses an incoming query or a response for a forwarded query.

Zoom Zero-Day Allows RCE, Patch on the Way
2020-07-09 18:18

UPDATE. A newly discovered bug in the Zoom Client for Windows could allow remote code-execution, according to researchers at 0patch, which disclosed the existence of the flaw on Thursday after pioneering a proof-of-concept exploit for it. The company told Threatpost: "Zoom addressed this issue, which impacts users running Windows 7 and older, in the 5.1.3 client release on July 10. Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download."

Microsoft fixes two RCE flaws affecting Windows 10 machines
2020-07-02 09:08

Microsoft has released fixes for two remote code execution vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. Both flaws - CVE-2020-1425 and CVE-2020-1457 - arose because of the way the Microsoft Windows Codecs Library handled objects in memory.

Drupal fixes three vulnerabilities, including one RCE
2020-06-19 10:45

Drupal's security team has fixed three vulnerabilities in the popular content management system's core, one of which could be exploited to achieve remote code execution. Drupal is a free and open-source web content management system, and over a million sites run on various versions of it.

SMBGhost RCE Exploit Threatens Corporate Networks
2020-06-08 15:54

The release of a fully functional proof-of-concept exploit for a critical, wormable remote code-execution vulnerability in Windows could spark a wave of cyberattacks, the feds have warned. Microsoft patched the bug tracked as CVE-2020-0796 back in March; also known as SMBGhost or CoronaBlue, it affects Windows 10 and Windows Server 2019.

PoC RCE exploit for SMBGhost Windows flaw released
2020-06-08 10:05

A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.

Two Critical Android Bugs Open Door to RCE
2020-06-02 17:10

Google has addressed two critical flaws in its latest monthly Android update that enable remote code execution on Android mobile devices. The critical bugs exist in the Android System area, and would allow a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process.

Android's June 2020 Patches Fix Critical RCE Vulnerabilities
2020-06-02 14:36

Google has started rolling out the June 2020 security patches for the Android operating system, which address a total of 43 vulnerabilities, including several rated critical. This is one of the two critical remote code execution issues patched in System, both affecting Android releases 8.0 through 10.

Cisco fixes critical RCE flaw in call center solution
2020-05-22 09:36

Cisco has patched a critical remote code execution hole in Cisco Unified Contact Center Express, its "Contact center in a box" solution, and is urging administrators to upgrade to a fixed software version. "The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user on an affected device," Cisco explained.