Microsoft finally fixes Windows zero-day flaw exploited by state-backed hackers – TechCrunch
Microsoft patches a new zero-day affecting all versions of Windows • TechCrunch
Microsoft has made available several workarounds; temporary fixes that can prevent in-application calling. To disable the said protocol, please follow these steps. Step 3. Delete the MSDT registry key. Please type in or paste the following command to delete the registry key:. The modification can be undone by running CMD with admin privileges and typing in.
Another workaround would be to get support either by using the Get Help application or any other type of troubleshooter. While waiting for the official Microsoft fix, you may want to try out some of these tips in order to safeguard your machines against CVE
Patch Tuesday Microsoft claims to have finally fixed the Follina zero-day flaw in Windows as part of its June Patch Tuesday batch, which included security updates to address 55 vulnerabilities. Follina, eventually acknowledged by Redmond in a security advisory last month, is the most significant of the bunch as it has already been exploited in the wild.
Criminals and snoops can abuse the remote code execution (RCE) bug, tracked as CVE , by crafting a file, such as a Word document, so that when opened it calls out to the Microsoft Windows Support Diagnostic Tool, which is then exploited to run malicious code, such as spyware and ransomware.
Disabling macros in, say, Word won’t stop this from happening. Since May, malware operators, including state-sponsored gangs, have used Follina to menace or compromise organizations, including US and European government agencies; to spread the data-stealing Qbot malware; and to delete data and install banking trojans, among other illicit activities.
Customers whose systems are configured to receive automatic updates do not need to take any further action. In addition to mitigating Follina, Microsoft plugged three critical RCE flaws and said none of them have been exploited. The most severe of the three CVE , which received a 9. Microsoft noted exploitation is "more likely" for this bug, and said that can occur if a miscreant, who is already on the network, makes an unauthenticated, specially crafted call to an NFS service to execute remote code.
It received a CVSS score of 8. But if exploited, it could be used to move from a guest virtual machine (VM) to the host, where potentially a lot of damage or snooping can be done. Microsoft also marked this bug as more likely to be exploited. After gaining initial access, an intruder can escalate privileges to the level of an administrator and then disable security tools.
As always, there’s a summary of Microsoft’s patches here by the ZDI. Intel joined in the Patch Tuesday fun with three security advisories addressing six medium-severity bugs. Hertzbleed is a type of side-channel attack that takes advantage of dynamic frequency scaling and affects all Intel processors along with several of AMD’s desktop, mobile and server chips, according to that company.
The researchers said they have notified other processor vendors, such as Arm, and haven’t confirmed if they are affected by Hertzbleed. Essentially all modern CPUs use frequency scaling, which is an energy management technique that auto-adjusts the CPU core clock frequency depending on the actual processing taking place. A clever attacker could monitor this scaling to infer exactly what data is being processed — using the core frequency to leak the content of data being handled by code — and steal, for instance, cryptographic keys being handled by the processor.
All by paying close attention to exactly how long some code takes to complete, which is affected by the frequency scaling. As the academics put it: "Hertzbleed takes advantage of our experiments showing that, under certain circumstances, the dynamic frequency scaling of modern x86 processors depends on the data being processed." It’s a very smart and very fiddly timing attack, and slow — like tens of bits per second leaked — and may be exploitable depending on your circumstances.
You can read the detailed instructions in the second half of the page. In case you are unable to follow the steps, comment down below and we will help you out. So that was all about how to mitigate the risk and fix the zero-day vulnerability on Windows computers until Microsoft releases a security patch. Since the attack is being done through the preview pane, disabling the option should stop the attack altogether.
I would recommend that you make the changes immediately, just to be on the safe side. Further, go through our article on the best Windows Malware Removal tool so your PC can detect harmful files then and there.
Also, share this article with other Windows users so that they can also protect their PC. Anyway, that is all from us. If you are facing any issue, then comment down below and let us know.
Why are we still seeing so many patchwork attempts from Microsoft? If I paid for, say, a hoover and it went wrong, I would be able to get a new one that works fine with no problems, and to be fair it is not cheap to buy Microsoft. It seems like they are getting away with patchwork to a bad system and have done for years!
Windows MSDT zero-day vulnerability gets free unofficial patch
Microsoft Support Diagnostic Tool zero-day resolved Microsoft disclosed news of the Microsoft Support Diagnostic Tool (MSDT) vulnerability (CVE. The zero-day bug, tracked as CVE, is described as an elevation of privilege flaw in the Windows Common Log File System Driver, a. Microsoft chose to keep the flaw unaddressed for almost 30 months. However, the advent of the zero-day vulnerability Follina (patched in June.