1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This critical Windows security flaw could be as serious as WannaC

    From TechnologyDaily@1337:1/100 to All on Tue Dec 20 20:15:04 2022
    This critical Windows security flaw could be as serious as WannaCry, experts claim

    Date:
    Tue, 20 Dec 2022 20:03:08 +0000

    Description:
    A patch is already available, though, so make sure to update your Windows devices.

    FULL STORY ======================================================================

    A vulnerability more serious than EternalBlue was sitting in Windows for some time, before being finally discovered and patched, experts have revealed.

    For those with shorter memory, EternalBlue was an NSA-built zero-day for Windows which gave birth to WannaCry , possibly the most devastating global ransomware threat to ever emerge.

    Researchers from IBM, which discovered the flaw, said that it was even more potent as it resided in a wider range of network protocols, giving threat actors more flexibility when conducting their attacks. Three-month headway

    The flaw, tracked as CVE-2022-37958, isnt exactly new, as it was discovered - and patched - three months ago.

    The news is that no one - not the researchers, not Microsoft issuing the
    patch - knew exactly how dangerous it really was. In reality, it allows
    threat actors to run malicious code without the need for authentication. Furthermore, its wormable, allowing threat actors to trigger a chain reaction of self-multiplying exploits on other vulnerable endpoints . In other words, the malware abusing the flaw could spread across devices like wildfire.

    Discussing the findings with Ars Technica , Valentina Palmiotti, the IBM security researcher who discovered the code-execution vulnerability, said an attacker could trigger the vulnerability via any Windows application protocol that authenticates.

    For example, the vulnerability can be triggered by trying to connect to an
    SMB share or via Remote Desktop . Some other examples include Internet
    exposed Microsoft IIS servers and SMTP servers that have Windows Authentication enabled. Of course, they can also be exploited on internal networks if left unpatched. Read more

    NotPetya attack - three years on, what have we learned?


    Ethical hackers show that Windows 10 isnt immune to WannaCry


    These are the best malware removal tools around

    When Microsoft first patched it three months ago, it believed the flaw could only allow threat actors to grab some sensitive information from the device, and as such, labeled it as important. Now, the company amended the rating, labeling it as critical, with a severity score of 8.1.

    Unlike EternalBlue, which was a zero-day and left security experts and software makers scrambling to build a fix, the patch for this flaw has been available for three months now, so its effects should be somewhat limited. Here's our rundown of the best firewalls on the market today

    Via: Ars Technica



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-critical-windows-security-flaw-could-be-as -serious-as-wannacry-experts-claim


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)