* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Tuesday, July 8, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Magicians and Battlebots light up Las Vegas entertainment scene – KSNV

    Magicians and Battlebots Take Las Vegas Entertainment by Storm

    Max-Matching Entertainments & Longhua District form partnership for new entertainment complex – Blooloop

    Max-Matching Entertainments and Longhua District Unite to Launch Thrilling New Entertainment Complex

    Kennedy Publishing, MGA Entertainment Launch Yummiland Magazine – License Global

    Kennedy Publishing, MGA Entertainment Launch Yummiland Magazine – License Global

    MAY HER SOUL REST IN PEACE 🙏 Veteran entertainment columnist and talent manager Lolit Solis has passed away. She was 78 years old. https://tinyurl.com/6kumarkx | LatestChika.com – Facebook

    Beloved Entertainment Icon Lolit Solis Passes Away at 78 – A Life Remembered with Love and Respect 🙏

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    Technology And Construction Names Join Top Stock Lists: Check Out Additions To IBD 50, Big Cap 20 And More – Investor’s Business Daily

    Technology and Construction Leaders Surge Into Top Stock Rankings: See the Latest Additions to IBD 50, Big Cap 20, and More

    Column: Teach kupuna new technology skills – Honolulu Star-Advertiser

    Empowering Kupuna: Unlocking New Technology Skills for a Connected Future

    EIFO invests $5 million in D3, the Ukraine-focused defence technology venture fund – sUAS News

    EIFO Pledges $5 Million to Supercharge Ukraine-Focused Defense Technology Fund

    New Technology for Water Efficiency and Working with Mexico on Screwworm – AG INFORMATION NETWORK OF THE WEST

    Revolutionary Water Efficiency Technology and Cross-Border Collaboration to Defeat Screwworm

    Environmental cognitive distance, R&D capability distance, and supply chain green technology innovation – Nature

    Bridging Gaps: How Environmental and R&D Differences Drive Green Technology Innovation in Supply Chains

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Government whip to withdraw Entertainment Complex Bill on July 9 – Nation Thailand

    Magicians and Battlebots light up Las Vegas entertainment scene – KSNV

    Magicians and Battlebots Take Las Vegas Entertainment by Storm

    Max-Matching Entertainments & Longhua District form partnership for new entertainment complex – Blooloop

    Max-Matching Entertainments and Longhua District Unite to Launch Thrilling New Entertainment Complex

    Kennedy Publishing, MGA Entertainment Launch Yummiland Magazine – License Global

    Kennedy Publishing, MGA Entertainment Launch Yummiland Magazine – License Global

    MAY HER SOUL REST IN PEACE 🙏 Veteran entertainment columnist and talent manager Lolit Solis has passed away. She was 78 years old. https://tinyurl.com/6kumarkx | LatestChika.com – Facebook

    Beloved Entertainment Icon Lolit Solis Passes Away at 78 – A Life Remembered with Love and Respect 🙏

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

    Technology And Construction Names Join Top Stock Lists: Check Out Additions To IBD 50, Big Cap 20 And More – Investor’s Business Daily

    Technology and Construction Leaders Surge Into Top Stock Rankings: See the Latest Additions to IBD 50, Big Cap 20, and More

    Column: Teach kupuna new technology skills – Honolulu Star-Advertiser

    Empowering Kupuna: Unlocking New Technology Skills for a Connected Future

    EIFO invests $5 million in D3, the Ukraine-focused defence technology venture fund – sUAS News

    EIFO Pledges $5 Million to Supercharge Ukraine-Focused Defense Technology Fund

    New Technology for Water Efficiency and Working with Mexico on Screwworm – AG INFORMATION NETWORK OF THE WEST

    Revolutionary Water Efficiency Technology and Cross-Border Collaboration to Defeat Screwworm

    Environmental cognitive distance, R&D capability distance, and supply chain green technology innovation – Nature

    Bridging Gaps: How Environmental and R&D Differences Drive Green Technology Innovation in Supply Chains

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Microsoft users on high alert over dangerous RCE zero-day

July 16, 2023
in Technology
Microsoft users on high alert over dangerous RCE zero-day
Share on FacebookShare on Twitter

A serious RCE vulnerability in Microsoft Office and Windows is among several zero-days disclosed in Redmond’s July Patch Tuesday update, but this one does not have a patch yet

Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 12 Jul 2023 11:45

Microsoft has disclosed a potentially serious remote code execution (RCE) zero-day under active exploitation – by a group with alleged links to the Russian intelligence services – among more than 100 other vulnerabilities in its July Patch Tuesday update, but the company has not yet issued an actual patch for it.

Although not deemed a critical vulnerability, the flaw’s use by a group Microsoft is tracking as Storm-0978, also known as RomCom after its backdoor malware, appears to have prompted Redmond’s security teams to take pre-emptive action.

The vulnerability in question is tracked as CVE-2023-36884. It affects a total of 41 products including multiple versions of Windows, Windows Server and Office, and can be successfully exploited using a specially crafted Word document that would allow an unauthorised actor to achieve RCE capabilities in the context of their victim, if the victim can be convinced to open the malicious file.

Microsoft said: “Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This might include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.”

Storm-0978 is known to have conducted opportunistic, financially-motivated ransomware attacks using the Underground locker, and extortion-only operations, as well as targeted credential-gathering operations, suggesting it operates in support of Russian intelligence goals.

It has hit multiple government and military targets, with many in Ukraine, as well as organisations across Europe and North America. Its current lures are largely themed around Ukrainian political affairs, most notably Kyiv’s attempts to join the Nato alliance.

Microsoft has issued a list of mitigations for security teams to lessen the potential impact of Storm-0978. For CVE-2023-36884 specifically, it is recommending the use of Block all Office applications from creating child processes attack surface reduction rule, or if this can’t be done, setting the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION registry key to avoid exploitation, although doing so can cause some functionality issues. Note that users of Microsoft Defender for Office 365 are now protected against malicious attachments exploiting the bug.

Rapid7 head of vulnerability and risk management Adam Barnett said many defenders would be understandably unsettled by the lack of an immediate patch.

“While it’s possible that a patch will be issued as part of next month’s Patch Tuesday, Microsoft Office is deployed just about everywhere, and this threat actor is making waves; admins should be ready for an out-of-cycle security update for CVE-2023-26884,” said Barnett.

The other zero-days in the July update come amid a total of 130 different vulnerabilities addressed this month, a significantly higher volume than of late, but according to Dustin Childs of the Zero Day Initiative, not necessarily out of the ordinary given the shenanigans likely to go on at the annual Black Hat USA conference, now less than a month away.

The zero-days are, in CVE number order:

CVE-2023-32046, an elevation of privilege (EoP) vulnerability in Windows MSHTML Platform;
CVE-2023-32049, a security feature bypass (SFB) vulnerability in Windows SmartScreen;
CVE-2023-35311, an SFB vulnerability in Microsoft Outlook;
CVE-2023-36874, an EoP vulnerability in Windows Error Reporting Service.

Microsoft also issued an advisory, but no specific CVE designation, for an observed campaign of drivers certified by its Windows Hardware Developer Programme (MWHDP) being used maliciously in post-exploitation activity.

This campaign – which saw attackers gain admin privileges on compromised systems before using the drivers – may be read as a sixth zero-day, depending on whose definition of the term you subscribe to.

Microsoft has been investigating this issue since being informed of it by Sophos researchers in February, with other reports from Trend Micro and Cisco Talos also assisting.

It found several developer accounts for the Microsoft Partner Centre (MPC) had been submitting malicious drivers to obtain a Microsoft signature. All these developer accounts and partner seller accounts involved have been suspended.

Updates have been released that untrust drivers and driver singing certificates for the affected files, and blocking detections have been added to Microsoft Defender to better protect customers.

Christopher Budd Sophos X-Ops, director of threat research, said: “Since October of last year, we’ve noticed a concerning rise in threat actors taking advantage of malicious signed drivers to carry out various cyber attacks, including ransomware. We believed that attackers would continue to leverage this attack vector, and that has indeed been the case.

“Back in December 2022, we found seven drivers that were signed with legitimate Microsoft WHCP certificates, and now, after a months long collaboration with Microsoft, we are drawing attention to 100 more of these malicious signed drivers with WHCP certificates.

“Because drivers often communicate with the ‘core’ of the operating system and load before security software, when they are abused, they can be particularly effective at disabling security protections – especially when signed by a trusted authority. Many of the malicious drivers we’ve discovered were specifically designed to target and take out EDR [Endpoint Detection and Response] products, leaving the affected systems vulnerable to a range of malicious activity,” said Budd.

“Obtaining a signature for a malicious driver is difficult, so this technique is primarily used by advanced threat actors in targeted attacks. What’s more, these particular drivers aren’t vendor specific; they’re targeting a wide range of EDR software. That’s why the broader security community needs to be aware, so that they can implement additional protections where necessary. It’s important that companies implement the patches Microsoft released today,” he said.

Read more on Application security and coding requirements


No zero-days for June Patch Tuesday, but plenty to chew over

AlexScroxton

By: Alex Scroxton


Secure Boot vulnerability causes Patch Tuesday headache for admins

AlexScroxton

By: Alex Scroxton


Thousands at risk from critical RCE bug in legacy MS service

AlexScroxton

By: Alex Scroxton


April Patch Tuesday fixes zero-day used to deliver ransomware

AlexScroxton

By: Alex Scroxton

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366544495/Microsoft-users-on-high-alert-over-dangerous-RCE-zero-day

Tags: Microsofttechnologyusers
Previous Post

Sam Bankman-Fried Wants ‘Close Associates’ to Visit without Security Checks

Next Post

Poland Hires PR Outfit Tied to Right-Wing Grifters

AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

July 8, 2025
Brewers chase All-Star Yoshinobu Yamamoto with 5 runs in 1st inning, hand Dodgers their 4th straight loss – Yahoo Sports

Brewers chase All-Star Yoshinobu Yamamoto with 5 runs in 1st inning, hand Dodgers their 4th straight loss – Yahoo Sports

July 8, 2025
An episodic burst of massive genomic rearrangements and the origin of non-marine annelids – Nature

Explosive Genomic Shifts Ignite the Evolutionary Rise of Land-Dwelling Annelids

July 8, 2025
Earth is going to spin much faster over the next few months — so fast that several days are going to get shorter – Live Science

Earth is going to spin much faster over the next few months — so fast that several days are going to get shorter – Live Science

July 8, 2025
Putnam Museum and Science Center Ribbon-Cutting July 12 – River Cities’ Reader

Putnam Museum and Science Center Ribbon-Cutting July 12 – River Cities’ Reader

July 8, 2025
New Miiro Lifestyle Hotel Brand Expands Further In Europe – Forbes

New Miiro Lifestyle Hotel Brand Expands Further In Europe – Forbes

July 8, 2025
Dino Might!: ‘Jurassic World Rebirth’ Bows To $318.3M Global In Biggest Studio Opening Year-To-Date WW; ‘F1’ Nears $300M’ & ‘Dragon’ Tops $500M – International Box Office – Deadline

Dino Might!: ‘Jurassic World Rebirth’ Bows To $318.3M Global In Biggest Studio Opening Year-To-Date WW; ‘F1’ Nears $300M’ & ‘Dragon’ Tops $500M – International Box Office – Deadline

July 8, 2025
As a Nation’s Economy Slows, Some Say It’s No Time for a Free Lunch – The New York Times

As a Nation’s Economy Slows, Some Say It’s No Time for a Free Lunch – The New York Times

July 8, 2025
Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

Longhua District and Max-Matching Entertainments, supported by RWS Global forge strategic partnership to develop international IP-themed entertainment complex – Amusement Today

July 8, 2025
The 63 Best Amazon Prime Day Health & Fitness Deals, Up to 85% Off – health.com

The 63 Best Amazon Prime Day Health & Fitness Deals, Up to 85% Off – health.com

July 8, 2025

Categories

Archives

July 2025
MTWTFSS
 123456
78910111213
14151617181920
21222324252627
28293031 
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (710)
  • Economy (735)
  • Entertainment (21,623)
  • General (15,773)
  • Health (9,773)
  • Lifestyle (740)
  • News (22,149)
  • People (735)
  • Politics (744)
  • Science (15,952)
  • Sports (21,234)
  • Technology (15,719)
  • World (716)

Recent News

AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

AI and the Trust Revolution: How Technology Is Transforming Human Connections – Foreign Affairs

July 8, 2025
Brewers chase All-Star Yoshinobu Yamamoto with 5 runs in 1st inning, hand Dodgers their 4th straight loss – Yahoo Sports

Brewers chase All-Star Yoshinobu Yamamoto with 5 runs in 1st inning, hand Dodgers their 4th straight loss – Yahoo Sports

July 8, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version