US government warns federal agencies to patch dangerous Windows kernel bug
Date:
Tue, 17 Dec 2024 15:13:00 +0000
Description:
CISA warns of a bug being abused in the wild, so patch now.
FULL STORY ======================================================================CISA added two new flaws to its KEV catalog One of the bugs affects the Windows kernel, the other one was found in an Adobe product US government agencies ordered to patch now or risk attack
The US Cybersecurity and Infrastructure Agency (CISA) has added a new Windows flaw to its Known Exploited Vulnerabilities (KEV) catalog, giving federal agencies a deadline to apply a patch, or stop using the software altogether.
The bug is a Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability with a high severity score of 7.8, tracked as CVE-2024-35250.
The bug can be used to gain system privileges in low-complexity attacks that dont even require any user interaction. Adobe ColdFusion
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said in its advisory.
Since Microsoft did not share any further details about this vulnerability, the publication cited the DEVCORE Research team, who demonstrated how the bug works during this years Pwn2Own Vancouver hackathon. The same team reported the bug to Microsoft, who patched it in Junes Patch Tuesday cumulative
update, A proof-of-concept (PoC) was released to GitHub a few months later.
When a vulnerability is added to KEV, that means that there is evidence of in-the-wild abuse. Federal agencies have a three-week deadline to apply the patch, or stop using the flawed software.
At the same time, CISA also added an Adobe ColdFusion vulnerability, tracked as CVE-2024-20767. This one is described as an improper access control weakness that grants unauthenticated remote threat actors the ability to read sensitive files. It affects ColdFusion versions 2023.6, 2021.12 and earlier, and has a high severity score of 7.4 - and Adobe patched it in March 2024.
An attacker could leverage this vulnerability to access or modify restricted files, reads the flaws description on CVE.org. Exploitation of this issue
does not require user interaction. Exploitation of this issue requires the admin panel be exposed to the internet.
CISA stressed that these types of vulnerabilities are frequent attack vectors for malicious cyber actors and as such pose a significant risk to the federal enterprise.
Agencies have until January 6, 2025 to apply the fixes.
Via BleepingComputer You might also like Adobe releases emergency patch for ColdFusion vulnerability Here's a list of the best antivirus These are the best endpoint protection tools right now
======================================================================
Link to news story:
https://www.techradar.com/pro/security/us-government-warns-federal-agencies-to -patch-dangerous-windows-kernel-bug
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)