CISA Warns of Microsoft Zero-day Exploited in Attacks
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding two newly disclosed vulnerabilities in Microsoft Windows, urging organizations and users to apply mitigations promptly to prevent potential exploitation in the wild.
These flaws, CVE-2024-49039andCVE-2024-43451, could allow attackers to escalate privileges and compromise sensitive data.
CVE-2024-49039: Task Scheduler Privilege Escalation Vulnerability
The first vulnerability,CVE-2024-49039, affects the Microsoft Windows Task Scheduler. This flaw allows a local attacker to escalate privileges by executing malicious code outside its restricted AppContainer environment.
While it remains unclear whether this vulnerability has been actively exploited in ransomware campaigns, its risk is significant.
CISA has advised users to follow Microsoft’s mitigation guidelines or discontinue using affected systems if no mitigations are available.
CVE-2024-43451: NTLMv2 Hash Disclosure Spoofing Vulnerability
The second vulnerability, CVE-2024-43451, targets the NTLMv2 (NT LAN Manager version 2) authentication protocol in Microsoft Windows.
This flaw allows an attacker to disclose a user’s NTLMv2 hash by tricking the victim into opening a malicious file.
With the exposed hash, attackers could impersonate the user and gain unauthorized access to critical systems or data.
Though no confirmed ransomware campaigns have been linked to this vulnerability, it poses a severe threat to organizations using NTLM authentication. Users are again urged to apply the necessary mitigations or cease using affected products if no patch is available.
CISA has highlighted the urgency of addressing these vulnerabilities, emphasizing the potential for attackers to exploit them in future campaigns.
Organizations are advised to stay vigilant, implement the recommended mitigations, and monitor for any signs of compromise.
#Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
CISA Warns of Microsoft Zero-day Exploited in Attacks
Author: DhivyaThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding two newly disclosed vulnerabilities in Microsoft Windows, urging organizations and users to apply mitigations promptly to prevent potential exploitation in the wild.
These flaws, CVE-2024-49039andCVE-2024-43451, could allow attackers to escalate privileges and compromise sensitive data.
CVE-2024-49039: Task Scheduler Privilege Escalation Vulnerability
The first vulnerability,CVE-2024-49039, affects the Microsoft Windows Task Scheduler. This flaw allows a local attacker to escalate privileges by executing malicious code outside its restricted AppContainer environment.
While it remains unclear whether this vulnerability has been actively exploited in ransomware campaigns, its risk is significant.
CISA has advised users to follow Microsoft’s mitigation guidelines or discontinue using affected systems if no mitigations are available.
CVE-2024-43451: NTLMv2 Hash Disclosure Spoofing Vulnerability
The second vulnerability, CVE-2024-43451, targets the NTLMv2 (NT LAN Manager version 2) authentication protocol in Microsoft Windows.
This flaw allows an attacker to disclose a user’s NTLMv2 hash by tricking the victim into opening a malicious file.
With the exposed hash, attackers could impersonate the user and gain unauthorized access to critical systems or data.
Though no confirmed ransomware campaigns have been linked to this vulnerability, it poses a severe threat to organizations using NTLM authentication. Users are again urged to apply the necessary mitigations or cease using affected products if no patch is available.
CISA has highlighted the urgency of addressing these vulnerabilities, emphasizing the potential for attackers to exploit them in future campaigns.
Organizations are advised to stay vigilant, implement the recommended mitigations, and monitor for any signs of compromise.
#Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
