Microsoft engineers have published a security bulletin on a new vulnerability affecting Surface Pro 3 tablets. The bug could be used by an attacker to inject malicious devices into corporate networks and bypass the Device Health Attestation. Other Surface devices, including Surface Pro 4 and Surface Book, are not considered affected by this issue. Although… Continue reading Microsoft warns of dangerous vulnerability in Surface Pro 3 devices
Tag: vulnerability
Dangerous bug in WhatsApp could lead to disclosure of user data
Check Point specialists spoke about a dangerous bug they discovered in the WhatsApp image processing function, which could lead to the disclosure of user data. The problem helped to disable the application, in addition, by applying certain filters to a specially created image and sending it to a potential victim, an attacker could exploit the… Continue reading Dangerous bug in WhatsApp could lead to disclosure of user data
Microsoft warned of a critical vulnerability in Cosmos DB
Microsoft has warned thousands of Azure customers of a critical Cosmos DB vulnerability. The bug allows any user remote database management, and grants administrator rights without the need for authorization. The problem was discovered by the research team of the cloud security company Wiz. Experts named the vulnerability ChaosDB and reported it to Microsoft on… Continue reading Microsoft warned of a critical vulnerability in Cosmos DB
Microsoft Warns of New Print Spooler Vulnerability
Microsoft has released a notice of a new vulnerability in Print Spooler (CVE-2021-36958) that allows local attackers to gain system privileges on a computer. The new vulnerability is related to other PrintNightmare bugs that exploit the configuration settings for Print Spooler, print drivers, anфd Windows Point and Print. Microsoft previously released patches for PrintNightmare in… Continue reading Microsoft Warns of New Print Spooler Vulnerability
Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device
Check Point researchers reported that in April of this year, IT giant Amazon eliminated critical vulnerabilities in the Amazon Kindle. The problems could be used to gain full control over the device, allowed them to steal the Amazon device token and other confidential data stored on it. For a successful attack on a Kindle, just… Continue reading Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device
Researchers found a vulnerability that affects millions of HP, Xerox and Samsung printers
In February of this year, SentinelOne experts found a 16-year-old vulnerability in the driver of HP, Xerox and Samsung printers. The problem allows attackers to gain administrator rights on systems that use vulnerable software. The vulnerability received the identifier CVE-2021-3438 and has been present in the driver code since 2005, that is, it poses a… Continue reading Researchers found a vulnerability that affects millions of HP, Xerox and Samsung printers
The official patch for the PrintNightmare vulnerability was ineffective
Earlier this week, Microsoft released an emergency patch for a critical PrintNightmare bug recently discovered in Windows Print Spooler (spoolsv.exe), but it was ineffective. Microsoft assigned the bug ID CVE-2021-34527, and also confirmed that the problem allows arbitrary code to be executed remotely with SYSTEM privileges and allows an attacker to install programs, view, modify… Continue reading The official patch for the PrintNightmare vulnerability was ineffective
Microsoft releases unscheduled patch for PrintNightmare vulnerability
Microsoft has prepared an emergency patch for a critical PrintNightmare bug that was recently discovered in Windows Print Spooler (spoolsv.exe). The PrintNightmare issue caused much confusion, as Microsoft initially combined two vulnerabilities under one identifier (CVE-2021-1675). But the official patch released in June only fixed part of the problem, leaving a critical RCE bug unpatched.… Continue reading Microsoft releases unscheduled patch for PrintNightmare vulnerability
Microsoft fixes a bug that corrupted FLAC files
Microsoft has fixed a bug in Windows 10 that changed the name, artist, or other metadata in FLAC files, therefore corrupting them. The bug affected several editions of Windows 10 (Home, Pro, Enterprise, Education, Pro Education and Pro for Workstations), as well as several versions (2004 and 20H2). The problem could arise when editing the… Continue reading Microsoft fixes a bug that corrupted FLAC files