Windows

Microsoft Windows OS Gets Affected by Unpatched Unauthorized File Read Vulnerability

Leave a Comment / Uncategorized, Vulnerabilities /

The Windows Security Vulnerability (CVE-2021-24084) which allows disclosure and Local Privilege Escalation (LPE) on vulnerable systems has received a follow up patch after the last patch failed to solve the problem. But as observed by Naceri in June 2021, not only could the patch be bypassed to achieve the same objective, the researcher this month […]

Microsoft Windows OS Gets Affected by Unpatched Unauthorized File Read Vulnerability Read More »

WIndows Users are Currently Targets of New 0-Day Attack Exploiting Microsoft Office Documents

Leave a Comment / Cyber Attacks /

An actively exploited zero-day flaw Tracked as CVE-2021-40444 (CVSS score: 8.8), has been discovered to be impacting Internet Explorer. The remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is used in Office to render web content inside Word, Excel, and PowerPoint documents.

WIndows Users are Currently Targets of New 0-Day Attack Exploiting Microsoft Office Documents Read More »

Windows Systems are getting Infected with UEFI Bootkit by New FinSpy Malware Variant

Leave a Comment / Malware /

FinFisher surveillanceware has been upgraded to infect Windows devices using a UEFI (Unified Extensible Firmware Interface) bootkit making use of a trojanized Windows Boot Manager, marking a shift in infection vectors that allow it to elude discovery and analysis. Detected since 2011, FinFisher also known as the Wingbird of FinSpy is a spyware toolset for

Windows Systems are getting Infected with UEFI Bootkit by New FinSpy Malware Variant Read More »