Category Archives: patch tuesday

News Wrap: Valentine’s Day Scams and Emotet’s Wi-Fi Hack

Top stories of this week include a new Emotet Wi-Fi hack and Robbinhood ransomware operators using a "bring your own bug" technique.

Patch now! Microsoft releases fixes for 99 security flaws, some being actively exploited by hackers

It’s one of the largest Patch Tuesday updates ever issued by Microsoft, and includes fixes for 12 security vulnerabilities that have been given the highest severity rating of “critical.”

The clock is ticking. IT teams should waste no time in readying themselves for a roll-out across the Windows computers for which they’re responsible.

Microsoft Patch Tuesday updates for February 2020 fix IE 0day flaw

Microsoft February 2020 Patch Tuesday updates address a total of 99 new vulnerabilities, including an Internet Explorer zero-day exploited in the wild.

Microsoft has released the Patch Tuesday updates for February 2020 that address a total of 99 vulnerabilities, including an Internet Explorer zero-day tracked as CVE-2020-0674 reportedly exploited by the APT group.

In January, Microsoft has published a security advisory (ADV200001) that includes mitigations for the CVE-2020-0674 zero-day remote code execution (RCE) flaw.

The tech giant confirmed that the CVE-2020-0674 zero-day vulnerability has been actively exploited in the wild.

“A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.” reads the advisory published by Microsoft. “An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

An attacker could exploit the flaw to can gain the same user permissions as the user logged into the compromised Windows device. If the user is logged on with administrative permissions, the attacker can exploit the flaw to take full control of the system.

The CVE-2020-0674 flaw could be triggered by tricking victims into visiting a website hosting a specially crafted content designed to exploit the issue through Internet Explorer.

Microsoft announced that it was working on a patch to address the issue, meantime it suggested restricting access to JScript.dll using the following workaround to mitigate this zero-day flaw.

The flaw was reported by Google’s Threat Analysis Group and Chinese cybersecurity firm Qihoo 360, the latter security company confirmed that the DarkHotel group is the threat actor that exploited the issue in attacks in the wild.

The first Darkhotel espionage campaign was spotted by experts at Kaspersky Lab in late 2014, according to the researchers the APT group has been around for nearly a decade while targeting selected corporate executives traveling abroad. According to the

According to the experts, threat actors behind the Darkhotel campaign aimed to steal sensitive data from executives while they are staying in luxury hotels, the worrying news is that the hacking crew is still active.

The attackers appeared high skilled professionals that exfiltrated data of interest with a surgical precision and deleting any trace of their activity. The researchers noticed that the gang never go after the same target twice. The list of targets includes  CEOs, senior vice presidents, top R&D engineers, sales and marketing directors from the USA and Asia traveling for business in the APAC region.

Security researchers believe the APT group is a North Korea-linked nation-state actor.

12 of the total vulnerabilities fixed by Microsoft this month are rated as critical in severity, and the remaining ones have been rated as important.

Microsoft Patch Tuesday updates for February 2020 also address four important-severity vulnerabilities, two privilege escalation flaws in Windows, an information disclosure bug affecting IE and Edge, and a secure boot bypass method. All four flaws have been publicly disclosed before the company addressed them.

Ad usual let me suggest to give a look at the analysis of the security updates made by Trend Micro’s Zero Day Initiative (ZDI).

Pierluigi Paganini

(SecurityAffairs – Patch Tuesday updates for February 2020 , hacking)

The post Microsoft Patch Tuesday updates for February 2020 fix IE 0day flaw appeared first on Security Affairs.

February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42

February 2020 Patch Tuesday is here. To mark the occasion, Microsoft has released fixes for 99 vulnerabilities – 12 critical, one of which is being exploited in the wild – and Adobe 42, most of which are critical and none actively exploited. Adobe patches Security updates have been provided for various products: Framemaker, a document processor designed for writing and editing large or complex documents Acrobat and Reader (for PDF file creation, encryption, publishing, viewing, … More

The post February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42 appeared first on Help Net Security.

Update Microsoft Windows Systems to Patch 99 New Security Flaws

A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. According to the advisories, 12 of the total issues patched by the tech giant this month are critical in severity, and the remaining 87 have been listed as important. Five of the

Adobe Releases Patches for Dozens of Critical Flaws in 5 Software

Here comes the second 'Patch Tuesday' of this year. Adobe today released the latest security updates for five of its widely used software that patch a total of 42 newly discovered vulnerabilities, 35 of which are critical in severity. The first four of the total five affected software, all listed below, are vulnerable to at least one critical arbitrary code execution vulnerability that could

February 2020 Patch Tuesday forecast: A lot of love coming our way

The January 2020 Patch Tuesday was a light one as predicted; everyone was still catching up from the end-of-year holidays. As we gain momentum into February and move towards Valentine’s Day, I anticipate Microsoft, and at least Mozilla, will give plenty of love and attention to their applications and operating systems. LDAP Microsoft had announced back in August with Advisory 190023 that they were planning several updates to their implementation of the Lightweight Directory Access … More

The post February 2020 Patch Tuesday forecast: A lot of love coming our way appeared first on Help Net Security.

Adobe Patches Five Critical Illustrator CC Flaws

Overall Adobe patched nine flaws in Illustrator CC and Experience Manager.

Adobe Releases First 2020 Patch Tuesday Software Updates

Adobe today released software updates to patch a total of 9 new security vulnerabilities in two of its widely used applications, Adobe Experience Manager and Adobe Illustrator. It's the first Patch Tuesday for the year 2020 and one of the lightest patch releases in a long time for Adobe users. Moreover, none of the security vulnerabilities patched this month were either publicly disclosed or