4 min read

Threat Report 5/16/24

Evan Kennedy : May 16, 2024 10:39:21 AM

#apple #microsoft #adobe #googlechrome #mozilla
Threat Report 5/16/24
Critical Patches Issued for Microsoft Products 
     

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights. 


 

Affected Systems:

  • .NET and Visual Studio 
  • Azure Migrate 
  • Microsoft Bing 
  • Microsoft Brokering File System 
  • Microsoft Dynamics 365 Customer Insights 
  • Microsoft Edge (Chromium-based) 
  • Microsoft Intune 
  • Microsoft Office Excel 
  • Microsoft Office SharePoint 
  • Microsoft WDAC OLE DB provider for SQL 
  • Microsoft Windows SCSI Class System File 
  • Microsoft Windows Search Component 
  • Power BI 
  • Visual Studio 
  • Windows Cloud Files Mini Filter Driver 
  • Windows CNG Key Isolation Service 
  • Windows Common Log File System Driver 
  • Windows Cryptographic Services 
  • Windows Deployment Services 
  • Windows DHCP Server 
  • Windows DWM Core Library 
  • Windows Hyper-V 
  • Windows Kernel 
  • Windows Mark of the Web (MOTW) 
  • Windows Mobile Broadband 
  • Windows MSHTML Platform 
  • Windows NTFS 
  • Windows Remote Access Connection Manager 
  • Windows Routing and Remote Access Service (RRAS) 
  • Windows Task Scheduler 
  • Windows Win32K - GRFX 
  • Windows Win32K - ICOMP 
  • .NET and Visual Studio 
  • Azure Migrate 
  • Microsoft Bing 
  • Microsoft Brokering File System 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

 

Remediation Recommendations

  • Ensure all Microsoft products have the latest version(s) installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References

 
Vulnerability in Apple Products
Could Allow for Arbitrary Code Execution 
        

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.   

Affected Systems:

  •  Versions prior to macOS Sonoma 14.5 
  • Versions prior to macOS Ventura 13.6.7 
  • Versions prior to macOS Monterey 12.7.5 
  • Versions prior to watchOS 10.5 
  • Versions prior to tvOS 17.5 
  • Versions prior to iOS 16.7.8 and iPadOS 16.7.8 
  • Versions prior to iOS 17.5 and iPadOS 17.5 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure Apple software has the latest version(s) installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References

 
A Vulnerability in Google Chrome
Could Allow for Arbitrary Code Execution 
 

Multiple vulnerabilities have been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights. 

 

Affected Systems:

  • Chrome versions prior to 125.0.6422.60/.61 for Windows and Mac 
  • Chrome versions prior to 125.0.6422.60 for Linux 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure all devices with Google Chrome have the latest version installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References


 
Vulnerabilities in Adobe Products
Could Allow for Arbitrary Code Execution 

 

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. 

Affected Systems:

  • Adobe Acrobat DC 24.002.20736 and earlier versions on Windows and macOS. 
  • Adobe Acrobat Reader DC 24.002.20736 and earlier versions on Windows and macOS. 
  • Adobe Acrobat 2020 20.005.30574 and earlier versions on Windows and macOS. 
  • Adobe Acrobat Reader 2020 20.005.30574 and earlier versions on Windows and macOS. 
  • Adobe Substance 3D Painter 9.1.2 and earlier versions. 
  • Adobe Substance 3D Designer 13.1.1 and earlier versions. 
  • Adobe Aero 0.23.4 and earlier versions on Windows and macOS. 
  • Adobe FrameMaker 2020 Release Update 5 and earlier on Windows. 
  • Adobe FrameMaker 2022 Release Update 3 and earlier on Windows. 
  • Adobe Dreamweaver 21.3 and earlier versions on Windows and macOS.
  • Adobe Illustrator 2024 28.4 and earlier versions on Windows and macOS.
  • Adobe Illustrator 2023 27.9.3 and earlier versions on Windows and macOS.
  • Adobe Animate 2023 23.0.5 and earlier versions on Windows and macOS.
  • Adobe Animate 2024 24.0.2 and earlier versions on Windows and macOS. 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure all devices running Oracle products have the latest version(s) installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References

 
Multiple Vulnerabilities in Mozilla Products
Could Allow for Arbitrary Code Execution  

 

Multiple vulnerabilities have been discovered in Mozilla Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  

Affected Systems:

  • Firefox ESR versions prior to 115.11 
  • Thunderbird versions prior to 115.11 
  • Firefox versions prior to 126 

Risk

  • Large and medium business entities: High
  • Small business entities: High

Remediation Recommendations

  • Ensure all versions of all Mozilla products are updated to their latest versions 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References
Threat Report 4/7/25

Threat Report 4/7/25

Evan Kennedy: Apr 7, 2025 9:00:00 AM

“Fast Flux” Threatens National Security, CISA Issues Advisory On April 2nd, CISA issued a joint Cybersecurity Advisory that highlights the...

#googlechrome #mozilla #cisaadvisory
Read More
Threat Report 3/24/25

Threat Report 3/24/25

Evan Kennedy: Mar 24, 2025 10:05:03 AM

Critical Patches Issued for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could...

#ransomware #phishing #apple #microsoft #googlechrome #googleandroid
Read More
Threat Report 3/10/25

Threat Report 3/10/25

Evan Kennedy: Mar 10, 2025 9:00:00 AM

CISA Says it Will Continue Monitoring Russian Cyber Threats The US Department of Homeland Security says the Cybersecurity and Infrastructure...

#cisa #cyberthreat #cyberattacks #databreach #vmware
Read More