How do these critical vulnerabilities affect your business?
See the latest bulletin from our threat research team below.
Get new security bulletins directly in your inbox as soon as they're released by our threat research team.
Microsoft Defender Remote Code Execution Vulnerability
- Identifier: CVE-2021-1647
- Exploit or POC: YES (Actively being exploited)
- Update:https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1647
- Description:
Buffer Overflows occur when a memory location is filled past its expected boundaries. Computer attackers target systems without proper terminating conditions on buffers, which then write the additional information in other locations in memory, overwriting what is there. This could corrupt the data, making the system behave erratically or crash. The new information could include malicious executable code, which might be executed.
- Mitigation recommendation:
Currently the only mitigation method is to patch.
|
Windows Win32k Elevation of Privilege Vulnerability
- Identifier: CVE-2021-1709
- Exploit or POC: Very Likely
- Update:
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1709
- Description:
Windows Win32k Elevation of Privilege Vulnerability. No other information provided by the vendor. This vulnerability does not require user interaction. An attacker can exploit a local machine to elevate their privileges and use these privileges to carry out additional attacks.
- Mitigation recommendation:
Currently the only mitigation method is to patch.
Linux kernel Buffer Overflows in mwifiex_cmd_802_11_ad_hoc_start
|
Join today to get future security bulletins** in your inbox asap.
*Active exploits may have changed since the dissemination of this bulletin which was January 14. This list does not represent the full list of current vulnerabilities.
**And to see the full list of vulnerabilities we released with this batch.