
Threat Report 3/24/25

Critical Patches Issued for Microsoft Products

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights. 

Affected Systems:

  • Many popular Microsoft products including, but not limited to, Windows, Office, and Edge 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure all Microsoft products have the latest version(s) installed.

  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.

Affected Systems:

  • Chrome prior to 134.0.6998.117/118 for Windows and Mac 
  • Chrome prior to 134.0.6998.117 for Linux 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure all Google Chrome products have the latest version(s) installed.

  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)


Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Depending on the privileges associated with the exploited component, an attacker could install programs; view, change, or delete data; or create new accounts with full rights.

Affected Systems:

  • Android OS patch levels prior to 2025-03-05  

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure all devices running Android OS have the latest version(s) installed.

  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)
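The Chrome and Android entries above give concrete thresholds (Chrome builds prior to 134.0.6998.117/118 for Windows and Mac and prior to 134.0.6998.117 for Linux; Android security patch levels prior to 2025-03-05). The following Python script is an added example, not part of the report or of any vendor tooling: it encodes those thresholds and triages a constructed inventory of hosts to list which ones still need the update. The inventory rows, host names and field names are assumptions made up for the example; a real deployment would feed it from an MDM or asset-management export.

```python
from __future__ import annotations

from datetime import date

# Fixed Chrome builds as listed in the advisory above (constructed table).
# "117/118" for Windows and Mac means either build carries the fix, so the
# lowest fixed build (.117) is the comparison point on every platform.
CHROME_FIXED: dict[str, tuple[int, ...]] = {
    "windows": (134, 0, 6998, 117),
    "mac": (134, 0, 6998, 117),
    "linux": (134, 0, 6998, 117),
}

# Platform aliases commonly seen in inventory exports (assumption).
PLATFORM_ALIASES = {"win": "windows", "macos": "mac", "darwin": "mac"}

# First Android security patch level that contains the fixes, per the advisory.
ANDROID_FIXED_PATCH_LEVEL = date(2025, 3, 5)


def parse_version(version: str) -> tuple[int, ...]:
    """Turn '134.0.6998.89' into (134, 0, 6998, 89) so tuples compare numerically.

    A plain string comparison would rank '134.0.6998.89' above '134.0.6998.117'
    because '8' > '1'; converting each component to an int avoids that trap.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    return tuple(int(p) for p in parts)


def chrome_is_affected(version: str, platform: str) -> bool:
    """True if the installed Chrome build is older than the fixed build."""
    key = platform.strip().lower()
    key = PLATFORM_ALIASES.get(key, key)
    if key not in CHROME_FIXED:
        raise ValueError(f"unknown Chrome platform: {platform!r}")
    return parse_version(version) < CHROME_FIXED[key]


def android_is_affected(patch_level: str) -> bool:
    """True if the device's security patch level predates 2025-03-05.

    Android reports the level as an ISO date (YYYY-MM-DD). Note that a device on
    2025-03-01 is still affected: the -05 level is the one that carries the fixes.
    """
    return date.fromisoformat(patch_level.strip()) < ANDROID_FIXED_PATCH_LEVEL


def triage(inventory: list[dict[str, str]]) -> list[str]:
    """Return the host names from an inventory export that still need patching."""
    affected: list[str] = []
    for row in inventory:
        product = row["product"].lower()
        if product == "chrome":
            vulnerable = chrome_is_affected(row["version"], row["platform"])
        elif product == "android":
            vulnerable = android_is_affected(row["patch_level"])
        else:
            raise ValueError(f"no threshold known for product {product!r}")
        if vulnerable:
            affected.append(row["host"])
    return affected


# Constructed sample inventory; host names and values are made up for the example.
SAMPLE_INVENTORY = [
    {"host": "ws-01", "product": "chrome", "platform": "windows", "version": "134.0.6998.89"},
    {"host": "ws-02", "product": "chrome", "platform": "mac", "version": "134.0.6998.118"},
    {"host": "srv-03", "product": "chrome", "platform": "linux", "version": "134.0.6998.117"},
    {"host": "phone-04", "product": "android", "patch_level": "2025-02-01"},
    {"host": "phone-05", "product": "android", "patch_level": "2025-03-05"},
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"needs update: {host}")
```

Run as-is it reports ws-01 (an older Chrome build) and phone-04 (a February patch level); the Mac host on .118, the Linux host on .117 and the phone on 2025-03-05 all pass. The numeric tuple comparison matters: comparing version strings lexically would wrongly rate build .89 as newer than .117.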



Scareware Campaign Targets Mac Users  

A scareware phishing campaign has shifted from targeting Windows to focusing on Mac users, according to LayerX. The campaign initially used phony Microsoft security alerts to trick Windows users into handing over their credentials but began targeting Safari users following the rollout of new anti-scareware features in Microsoft, Chrome, and Firefox browsers. The phishing sites inform the user that their computer has been locked due to a malware infection, telling them to enter their credentials and call a phone number for tech support.



CISA Issues Advisory on Medusa Ransomware 

The US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and MS-ISAC have issued a joint advisory on the Medusa ransomware-as-a-service (RaaS) offering, warning that Medusa affiliates "have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing." Medusa actors carry out double-extortion attacks, exfiltrating data before encrypting it in order to place additional pressure on the victim. 

The advisory outlines one instance that potentially involved "triple extortion," in which a victim who had already paid the ransom was contacted by another Medusa affiliate who claimed the negotiator had stolen the ransom payment. The affiliate demanded an additional payment in order to provide the decryption key. 
