US government warns federal agencies to patch dangerous Windows kernel bug
Date:
Tue, 17 Dec 2024 15:13:00 +0000
Description:
CISA warns of a bug being abused in the wild, so patch now.
FULL STORY
The US Cybersecurity and Infrastructure Agency (CISA) has added a new Windows flaw to its Known Exploited Vulnerabilities (KEV) catalog, giving federal agencies a deadline to apply a patch, or stop using the software altogether.
The bug is a Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability with a high severity score of 7.8, tracked as CVE-2024-35250.
The bug can be used to gain system privileges in low-complexity attacks that don't even require any user interaction.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said in its advisory.
Since Microsoft did not share any further details about this vulnerability, the publication cited the DEVCORE Research team, who demonstrated how the bug works during this year's Pwn2Own Vancouver hackathon. The same team reported the bug to Microsoft, who patched it in June's Patch Tuesday cumulative update. A proof-of-concept (PoC) was released to GitHub a few months later.
When a vulnerability is added to KEV, that means that there is evidence of in-the-wild abuse. Federal agencies have a three-week deadline to apply the patch, or stop using the flawed software.
At the same time, CISA also added an Adobe ColdFusion vulnerability, tracked
as CVE-2024-20767. This one is described as an improper access control
weakness that grants unauthenticated remote threat actors the ability to read sensitive files. It affects ColdFusion versions 2023.6, 2021.12 and earlier, and has a high severity score of 7.4 - and Adobe patched it in March 2024.
"An attacker could leverage this vulnerability to access or modify restricted files," reads the flaw's description on CVE.org. "Exploitation of this issue does not require user interaction. Exploitation of this issue requires the admin panel be exposed to the internet."
CISA stressed that these types of vulnerabilities are frequent attack vectors for malicious cyber actors and as such pose a significant risk to the federal enterprise.
Agencies have until January 6, 2025 to apply the fixes.
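The story describes the mechanics of a KEV listing: an entry means in-the-wild exploitation has been observed, and federal agencies get a fixed remediation deadline (here January 6, 2025, three weeks after the addition). An added example of how a defender might operationalise that, not code from the story, CISA or any vendor: the script below parses a constructed sample shaped like CISA's public KEV JSON feed (field names `cveID`, `vendorProject`, `product`, `dueDate` as used by that feed; the `dateAdded` of 2024-12-16 is inferred from the three-week rule and the due date, and the inventory hosts are invented), matches entries against an asset inventory, and reports how many days remain before each affected host is out of compliance. Pointing `load_kev` at the live feed instead of the embedded sample is the only change needed for real use.

```python
import json
from datetime import date

# Constructed sample modelled on the CISA KEV feed schema. The two CVE ids,
# vendors, products and the 2025-01-06 due date come from the story;
# dateAdded is inferred from the three-week rule and everything else is
# illustrative.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (sample)",
    "vulnerabilities": [
        {
            "cveID": "CVE-2024-35250",
            "vendorProject": "Microsoft",
            "product": "Windows",
            "vulnerabilityName": "Microsoft Windows Kernel-Mode Driver "
                                 "Untrusted Pointer Dereference Vulnerability",
            "dateAdded": "2024-12-16",
            "dueDate": "2025-01-06",
        },
        {
            "cveID": "CVE-2024-20767",
            "vendorProject": "Adobe",
            "product": "ColdFusion",
            "vulnerabilityName": "Adobe ColdFusion Improper Access Control Vulnerability",
            "dateAdded": "2024-12-16",
            "dueDate": "2025-01-06",
        },
    ],
})

# Constructed asset inventory; hostnames are invented for the example.
INVENTORY = [
    {"host": "ws-001.example.internal", "vendor": "Microsoft", "product": "Windows 11"},
    {"host": "cf-app.example.internal", "vendor": "Adobe", "product": "ColdFusion 2023"},
    {"host": "db-01.example.internal", "vendor": "PostgreSQL", "product": "PostgreSQL 16"},
]


def load_kev(text):
    """Parse KEV feed JSON (the real feed has the same top-level layout)."""
    return json.loads(text)["vulnerabilities"]


def affected_assets(entry, inventory):
    """Assets whose vendor matches and whose product name contains the KEV product."""
    vendor = entry["vendorProject"].lower()
    product = entry["product"].lower()
    return [
        asset for asset in inventory
        if asset["vendor"].lower() == vendor and product in asset["product"].lower()
    ]


def triage(entries, inventory, today):
    """One row per (KEV entry, affected host) with days left until the due date.

    Negative days_left means the host is already past the remediation deadline.
    Rows are ordered most urgent first.
    """
    rows = []
    for entry in entries:
        due = date.fromisoformat(entry["dueDate"])
        for asset in affected_assets(entry, inventory):
            days_left = (due - today).days
            rows.append({
                "cveID": entry["cveID"],
                "host": asset["host"],
                "dueDate": entry["dueDate"],
                "days_left": days_left,
                "status": "overdue" if days_left < 0 else "open",
            })
    rows.sort(key=lambda r: (r["days_left"], r["cveID"]))
    return rows


if __name__ == "__main__":
    for row in triage(load_kev(KEV_SAMPLE), INVENTORY, date.today()):
        print(f"{row['cveID']:15} {row['host']:26} due {row['dueDate']} "
              f"({row['days_left']:+d} days, {row['status']})")
```

The inventory match is deliberately loose (vendor equality plus a substring on the product) because KEV product names are coarse; a real deployment would map KEV entries to CPEs or to the vendor's own advisory before acting on them, since "Windows" in the catalog covers far more builds than the one that actually needs the June update.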
Via BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/pro/security/us-government-warns-federal-agencies-to-patch-dangerous-windows-kernel-bug
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)