4 min read

Threat Report 5/16/24

Threat Report 5/16/24
Critical Patches Issued for Microsoft Products 
     

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights. 


 

Affected Systems:

  • .NET and Visual Studio 
  • Azure Migrate 
  • Microsoft Bing 
  • Microsoft Brokering File System 
  • Microsoft Dynamics 365 Customer Insights 
  • Microsoft Edge (Chromium-based) 
  • Microsoft Intune 
  • Microsoft Office Excel 
  • Microsoft Office SharePoint 
  • Microsoft WDAC OLE DB provider for SQL 
  • Microsoft Windows SCSI Class System File 
  • Microsoft Windows Search Component 
  • Power BI 
  • Visual Studio 
  • Windows Cloud Files Mini Filter Driver 
  • Windows CNG Key Isolation Service 
  • Windows Common Log File System Driver 
  • Windows Cryptographic Services 
  • Windows Deployment Services 
  • Windows DHCP Server 
  • Windows DWM Core Library 
  • Windows Hyper-V 
  • Windows Kernel 
  • Windows Mark of the Web (MOTW) 
  • Windows Mobile Broadband 
  • Windows MSHTML Platform 
  • Windows NTFS 
  • Windows Remote Access Connection Manager 
  • Windows Routing and Remote Access Service (RRAS) 
  • Windows Task Scheduler 
  • Windows Win32K - GRFX 
  • Windows Win32K - ICOMP 
  • .NET and Visual Studio 
  • Azure Migrate 
  • Microsoft Bing 
  • Microsoft Brokering File System 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

 

Remediation Recommendations

  • Ensure all Microsoft products have the latest version(s) installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References


 
Vulnerability in Apple Products
Could Allow for
Arbitrary Code Execution 
        

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.   

Affected Systems:

  •  Versions prior to macOS Sonoma 14.5 
  • Versions prior to macOS Ventura 13.6.7 
  • Versions prior to macOS Monterey 12.7.5 
  • Versions prior to watchOS 10.5 
  • Versions prior to tvOS 17.5 
  • Versions prior to iOS 16.7.8 and iPadOS 16.7.8 
  • Versions prior to iOS 17.5 and iPadOS 17.5 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure Apple software has the latest version(s) installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References


 
A Vulnerability in Google Chrome
Could Allow for
Arbitrary Code Execution
 
 

Multiple vulnerabilities have been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights. 

 

Affected Systems:

  • Chrome versions prior to 125.0.6422.60/.61 for Windows and Mac 
  • Chrome versions prior to 125.0.6422.60 for Linux 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure all devices with Google Chrome have the latest version installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References



 
Vulnerabilities in Adobe Products
Could Allow for Arbitrary Code Execution 

 

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. 

Affected Systems:

  • Adobe Acrobat DC 24.002.20736 and earlier versions on Windows and macOS. 
  • Adobe Acrobat Reader DC 24.002.20736 and earlier versions on Windows and macOS. 
  • Adobe Acrobat 2020 20.005.30574 and earlier versions on Windows and macOS. 
  • Adobe Acrobat Reader 2020 20.005.30574 and earlier versions on Windows and macOS. 
  • Adobe Substance 3D Painter 9.1.2 and earlier versions. 
  • Adobe Substance 3D Designer 13.1.1 and earlier versions. 
  • Adobe Aero 0.23.4 and earlier versions on Windows and macOS. 
  • Adobe FrameMaker 2020 Release Update 5 and earlier on Windows. 
  • Adobe FrameMaker 2022 Release Update 3 and earlier on Windows. 
  • Adobe Dreamweaver 21.3 and earlier versions on Windows and macOS.
  • Adobe Illustrator 2024 28.4 and earlier versions on Windows and macOS.
  • Adobe Illustrator 2023 27.9.3 and earlier versions on Windows and macOS.
  • Adobe Animate 2023 23.0.5 and earlier versions on Windows and macOS.
  • Adobe Animate 2024 24.0.2 and earlier versions on Windows and macOS. 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

Remediation Recommendations

  • Ensure all devices running Oracle products have the latest version(s) installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References


 
Multiple Vulnerabilities in Mozilla Products
Could Allow for Arbitrary Code Execution  

 

Multiple vulnerabilities have been discovered in Mozilla Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  

Affected Systems:

  • Firefox ESR versions prior to 115.11 
  • Thunderbird versions prior to 115.11 
  • Firefox versions prior to 126 

Risk

  • Large and medium business entities: High
  • Small business entities: High

Remediation Recommendations

  • Ensure all versions of all Mozilla products are updated to their latest versions 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References

Threat Report 12/10/24

Threat Report 12/10/24

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution Multiple vulnerabilities have been discovered in Google Android...

Read More
Threat Report 11/21/24

Threat Report 11/21/24

Critical Patches Issued for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could...

Read More
Threat Report 11/7/24

Threat Report 11/7/24

Multiple Vulnerabilities in Microsoft Edge (Chromium-Based) Could Allow for Arbitrary Code Execution Multiple vulnerabilities have been discovered...

Read More