Results 1 to 2 of 2

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

  1. #1
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    94,954

    Microsoft fixes 55 vulnerabilities, 3 exploited by Russian cyberspies

    Microsoft fixes 55 vulnerabilities, 3 exploited by Russian cyberspies

    Microsoft fixed critical vulnerabilities in Windows, Office, Edge, Internet Explorer, and its malware protection engine

    By Lucian Constantin

    Romania Correspondent, IDG News Service | MAY 9, 2017 2:21 PM PT

    Credit: Stephen Brashear/Getty Images for Microsoft

    Microsoft released security patches Tuesday for 55 vulnerabilities across the company's products, including for three flaws that are already exploited in targeted attacks by cyberespionage groups.

    Fifteen of the vulnerabilities fixed in Microsoft's patch bundle for May are rated as critical and they affect Windows, Microsoft Office, Microsoft Edge, Internet Explorer, and the malware protection engine used in most of the company's anti-malware products.


    System administrators should prioritize the Microsoft Office patches because they address two vulnerabilities that attackers have exploited in targeted attacks over the past two months. Both of these flaws, CVE-2017-0261 and CVE-2017-0262, stem from how Microsoft Office handles Encapsulated PostScript (EPS) image files and can lead to remote code execution on the underlying system.


    [ Further reading: How the new age of antivirus software will protect your PC ]


    According to researchers from FireEye, the CVE-2017-0261 vulnerability has been exploited since late March by an unidentified gang of financially motivated attackers and by a Russian cyberespionage group called Turla.

    Also known as Snake or Uroburos, the Turla group has been active since at least 2007 and has been responsible for some of the most complex cyberespionage attacks to date. Its targets are usually government entities, intelligence agencies, embassies, military organizations, research and academic institutions, and large corporations.


    The CVE-2017-0261 exploits came in the form of Word documents with embedded malicious EPS content that were distributed via email. The attacks also attempted to exploit a Windows privilege escalation vulnerability tracked as CVE-2017-0001 that Microsoft patched on March 14.


    Later, in April, researchers from FireEye and ESET discovered a different cyberespionage campaign exploiting the second EPS-related Microsoft Office vulnerability that was patched Tuesday: CVE-2017-0262. Those attacks were traced back to a Russian cyberespionage group known in the security industry as APT28, Fancy Bear, or Pawn Storm.


    APT28 is the group blamed for hacking into the U.S. Democratic National Committee last year during the presidential election. The group's selection of targets over the years has reflected Russia's geopolitical interests leading many researchers to believe that APT28 is tied to the Russian Military Intelligence Service (GRU).


    APT28's past attacks have demonstrated that the group has access to an arsenal of zero-day exploits -- exploits for previously undisclosed vulnerabilities. Its exploit for CVE-2017-0262 was distributed in a decoy document about President Donald Trump's decision to launch an attack in Syria last month and was chained with another zero-day exploit for a Windows privilege escalation vulnerability (CVE-2017-0263) that was also patched Tuesday.


    Even though the CVE-2017-0262 EPS vulnerability was technically patched Tuesday, users who installed the Microsoft Office updates released in April were protected against it. That's because those updates disabled the EPS filter in Office as a defense-in-depth measure, Microsoft researchers said Tuesday in a blog post.


    System admins should also prioritize this month's security updates for Internet Explorer and Edge, because they fix critical vulnerabilities that could be exploited by visiting malicious websites or by viewing specially crafted advertisements inside the browsers.

    One of the patched IE flaws is already exploited by attackers, while one patched in Edge has been publicly disclosed.


    The updates for Windows should come next on the priority list because they address several remote code execution vulnerabilities in the SMB network file-sharing protocol. These vulnerabilities put Windows desktop and server installations at risk of hacking if they use SMBv1.


    Finally, users of Microsoft's anti-malware products, including Windows Defender and Microsoft Security Essentials should make sure that their engine is updated to version 1.1.13704.0. Older versions contain a highly critical vulnerability that can be easily exploited by attackers to take complete control of computers.

    http://www.pcworld.com/article/31958...yberspies.html
    NO AMNESTY

    Don't reward the criminal actions of millions of illegal aliens by giving them citizenship.


    Sign in and post comments here.

    Please support our fight against illegal immigration by joining ALIPAC's email alerts here https://eepurl.com/cktGTn

  2. #2
    Senior Member JohnDoe2's Avatar
    Join Date
    Aug 2008
    Location
    PARADISE (San Diego)
    Posts
    94,954
    NO AMNESTY

    Don't reward the criminal actions of millions of illegal aliens by giving them citizenship.


    Sign in and post comments here.

    Please support our fight against illegal immigration by joining ALIPAC's email alerts here https://eepurl.com/cktGTn

Similar Threads

  1. Microsoft fixes big IE bug -- even on Windows XP
    By JohnDoe2 in forum Other Topics News and Issues
    Replies: 2
    Last Post: 07-15-2016, 09:07 AM
  2. Microsoft Patches 33 Vulnerabilities in November Patch Tuesday Update
    By JohnDoe2 in forum Other Topics News and Issues
    Replies: 1
    Last Post: 11-12-2014, 02:07 PM
  3. Microsoft books critical IE, Windows fixes for next week
    By JohnDoe2 in forum Other Topics News and Issues
    Replies: 1
    Last Post: 11-12-2013, 02:57 PM
  4. Microsoft's holiday bonus: Fixes for 40 flaws
    By JohnDoe2 in forum Other Topics News and Issues
    Replies: 0
    Last Post: 12-14-2010, 11:56 PM
  5. Microsoft to Patch 49 Vulnerabilities Next Week (TODAY)
    By JohnDoe2 in forum Other Topics News and Issues
    Replies: 7
    Last Post: 10-13-2010, 01:58 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •