Hackers are actively exploiting the critical 0-day Follina vulnerability, which Microsoft is in no hurry to fix. Researchers warn that European governments and municipalities in the US have been targeted by a phishing campaign using malicious RTF documents. Let me remind you that the discovery of Follina became known at the end of May, although… Continue reading Microsoft Is in No Hurry to Fix the Follina Vulnerability, Which Has Become a Real Disaster
Tag: 0patch
Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service
Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service Access to Work or School. The problem is present on devices running Windows 10, version 1809 (and later). The bug is related to a bypass of the information disclosure patch (CVE-2021-24084) released by Microsoft engineers in February this year. This month, cybersecurity researcher… Continue reading Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service
Unofficial patch published for PrintNightmare vulnerability
Last week I talked about a PoC exploit for the dangerous vulnerability CVE-2021-34527 in Windows Print Spooler (spoolsv.exe), which researchers named PrintNightmare, and now an unofficial patch for this problem has been published. When the exploit was published, the researchers found that the patch released in June did not completely fix the problem. Moreover, the… Continue reading Unofficial patch published for PrintNightmare vulnerability
Temporary patch for 0-day vulnerability in Internet Explorer arrived on the Internet
Earlier this week, Microsoft announced about vulnerability in Internet Explorer, which is already exploited for “limited targeted attacks”. Now arrived temporary patch for this 0-day vulnerability in Internet Explorer. The problem received the identifier CVE-2020-0674 and it is associated with a vulnerability in the Firefox browser. Apparently, the mentioned “limited attacks” are part of a… Continue reading Temporary patch for 0-day vulnerability in Internet Explorer arrived on the Internet