Threat Report 11/21/24
Critical Patches Issued for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could...
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.
Affected Systems:
Chrome prior to 129.0.6668.58/59 for Windows and Mac
Chrome prior to 129.0.6668.58 for Linux
Risk
Remediation Recommendations
Ensure all devices using Google Chrome have the latest version(s) installed
Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need them)
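One way to check the first recommendation against a device inventory, as an added example that is not part of the original report: it compares each installed Chrome version numerically against the fixed build from the Affected Systems list. The inventory rows, hostnames and function names are constructed for illustration, and 129.0.6668.58 is assumed as the floor on Windows and Mac, where the report lists 58/59.

```python
import re

# Fixed builds from the "Affected Systems" list in this report.
# Assumption: .58 is used as the floor where the report says "58/59".
FIXED_BUILD = {
    "windows": (129, 0, 6668, 58),
    "mac": (129, 0, 6668, 58),
    "linux": (129, 0, 6668, 58),
}

_VERSION_RE = re.compile(r"^\d+(\.\d+){3}$")


def parse_version(text):
    """Turn 'MAJOR.MINOR.BUILD.PATCH' into a tuple of ints for numeric comparison."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        raise ValueError(f"not a four-part Chrome version: {text!r}")
    return tuple(int(part) for part in text.split("."))


def is_affected(platform, version):
    """True when the installed version is older than the fixed build for that platform."""
    floor = FIXED_BUILD[platform.lower()]  # KeyError for platforms the report does not list
    return parse_version(version) < floor


def audit(inventory):
    """Return (affected_hosts, unknown_hosts); unknown means the row could not be judged."""
    affected, unknown = [], []
    for host, platform, version in inventory:
        try:
            if is_affected(platform, version):
                affected.append(host)
        except (KeyError, ValueError):
            unknown.append(host)  # surface for manual follow-up instead of assuming patched
    return affected, unknown


# Constructed sample inventory: (hostname, platform, reported Chrome version).
SAMPLE = [
    ("ws-01", "Windows", "129.0.6668.59"),
    ("ws-02", "Windows", "128.0.6613.138"),
    ("mac-01", "Mac", "129.0.6668.100"),   # a plain string compare would rank this below .58
    ("lin-01", "Linux", "129.0.6668.9"),
    ("lin-02", "Linux", "unknown"),
    ("cb-01", "ChromeOS", "129.0.6668.58"),
]

if __name__ == "__main__":
    affected, unknown = audit(SAMPLE)
    print("needs update:", affected)
    print("could not evaluate:", unknown)
```

Rows with an unparseable version or an unlisted platform are reported separately so they are not silently counted as patched.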
References
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.
Affected Systems:
Risk
Remediation Recommendations
References
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.
Affected Systems:
Risk
Remediation Recommendations
Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need them)
References
The US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a PSA warning of false claims that hackers have compromised US voter registration databases, BleepingComputer reports. The advisory notes, "The reality is that having access to voter registration data is not by itself an indicator of a voter registration database compromise. Most U.S. voter information can be purchased or otherwise legitimately acquired through publicly available sources. In recent election cycles, when cyber actors have obtained voter registration information, the acquisition of this data did not impact the voting process or election results."
The advisory adds that "the FBI and CISA have no information suggesting any cyberattack on U.S. election infrastructure has prevented an election from occurring, changed voter registration information, prevented an eligible voter from casting a ballot, compromised the integrity of any ballots cast, or disrupted the ability to count votes or transmit unofficial election results in a timely manner."
Microsoft issued patches for 79 vulnerabilities on Tuesday, September 10, including four actively exploited zero-days, Dark Reading reports. Two of the zero-days (CVE-2024-38226 and CVE-2024-38217) are security bypass vulnerabilities that can be exploited via social engineering. Dark Reading quotes Satnam Narang, senior staff research engineer at Tenable, as saying, "Exploitation of both CVE-2024-38226 and CVE-2024-38217 can lead to the bypass of important security features that block Microsoft Office macros from running." A third zero-day (CVE-2024-38014) is an elevation of privilege flaw affecting Windows Installer that can allow an attacker to gain SYSTEM privileges. The fourth zero-day is a remote code execution vulnerability in the Servicing Stack that's been assigned a CVSS score of 9.8. This vulnerability can allow an attacker to roll back fixes for previously patched flaws in Windows 10, version 1507.