Security News

Microsoft shares workaround for Windows 10 SeriousSAM vulnerability
2021-07-21 08:32

Microsoft has shared a workaround for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," Microsoft explains in a security advisory published on Tuesday evening.

New Windows 10 vulnerability allows anyone to get admin privileges
2021-07-20 16:27

Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after it was discovered that users with low privileges can access sensitive Registry database files. The database files associated with the Windows Registry are stored under the C:\Windows\system32\config folder and are broken up into different files such as SYSTEM, SECURITY, SAM, DEFAULT, and SOFTWARE. As these files contain sensitive information about all user accounts on a device and security tokens used by Windows features, they should be restricted from being viewed by regular users with no elevated privileges.

Fortinet's security appliances hit by remote code execution vulnerability
2021-07-20 14:30

Security appliance slinger Fortinet has warned of a critical vulnerability in its own FortiGate products which can be exploited to allow unauthenticated attackers full control over the target system - providing a particular daemon is enabled. The vulnerability, discovered by Orange Group security researcher Cyrille Chatras and sent to Fortinet privately for responsible disclosure, lies in the FortiManager and FortiAnalyzer software running atop selected models in the company's FortiGate security appliance family.

Vulnerability Exposes MicroLogix PLCs to Remote DoS Attacks
2021-07-20 13:38

A high-severity vulnerability affecting Rockwell Automation's MicroLogix 1100 programmable logic controllers can be exploited to cause a device to enter a persistent fault condition. According to advisories released this month by Rockwell and the U.S. Cybersecurity and Infrastructure Security Agency, a remote, unauthenticated attacker can exploit CVE-2021-33012 to cause a denial of service condition on the targeted controller by sending it specially crafted commands.

Researchers: Apple Quietly Patched 0-Click Wi-Fi Code Execution Vulnerability in iOS
2021-07-20 10:32

Apple in early 2021 quietly patched an iOS vulnerability that could lead to remote code execution when connecting to a Wi-Fi access point that had a specially crafted SSID. The issue was initially brought to light last month, when reverse engineer Carl Schou discovered that the Wi-Fi functionality on his iPhone would completely crash when connecting to a hotspot that had the SSID "%p%s%s%s%s%n". The issue, which impacts all iOS devices running iOS 14.0 to 14.6, was deemed to be a format string bug, where iOS is considering the characters that follow "%" as string-format specifiers, meaning that they are processed as commands, rather than text.

Microsoft Warns of New Unpatched Windows Print Spooler Vulnerability
2021-07-17 04:53

Microsoft on Thursday shared fresh guidance on yet another vulnerability affecting the Windows Print Spooler service, stating that it's working to address it in an upcoming security update. "An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges," the Windows maker said in its advisory.

Critical WooCommerce Vulnerability Targeted Hours After Patch
2021-07-16 15:26

Hackers have started targeting a critical WooCommerce vulnerability only days after patches started rolling out, Patchstack says. WooCommerce is a popular open-source eCommerce plugin for WordPress, with more than 5 million installations to date, making it an attractive target for cybercriminals.

Microsoft shares guidance on new Windows Print Spooler vulnerability
2021-07-16 00:49

Microsoft is sharing mitigation guidance on a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed tonight. Microsoft released an advisory Thursday night for a new CVE-2021-34481 elevation of privilege vulnerability in the Windows Print Spooler that Dragos security researcher Jacob Baines discovered.

WooCommerce fixes vulnerability exposing 5 million sites to data theft
2021-07-15 16:08

WooCommerce, the popular e-commerce plugin for the WordPress content management system, has been updated to patch a serious vulnerability that could be exploited without authentication. Owned by Automattic, the company behind the WordPress.com blogging service, the WooCommerce plugin has more than five million installations.

SecPod SanerNow 5.0 extends vulnerability assessment capabilities to network infrastructure
2021-07-15 01:30

SecPod announced that it has extended its vulnerability management capabilities to the whole network infrastructure through its latest product release, SanerNow 5.0. With this new release, SanerNow is an all-encompassing vulnerability and patch management solution and is more competitively positioned in the vulnerability assessment market.