Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)

March 19, 2025
Overview
Recently, NSFOCUS CERT detected that Microsoft released a security announcement and fixed a spoofing vulnerability in Windows File Explorer (CVE-2025-24071), with a CVSS score of 7.5. Due to the implicit trust and automatic file parsing behavior of .library-ms files by Windows Explorer, unauthenticated attackers can save files by constructing RAR/ZIP with an embedded malicious […]
Microsoft Security Update Notification in February of High-Risk Vulnerabilities in Multiple Products

February 14, 2025
Overview
On February 12, NSFOCUS CERT detected that Microsoft released a security update patch for February, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Azure, Apps, and Microsoft Visual Studio, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update […]
Microsoft’s December Security Update of High-Risk Vulnerabilities in Multiple Products

December 14, 2024
Overview
On December 11th, NSFOCUS CERT detected that Microsoft released the December security update patch, fixing 72 security issues involving widely used products such as Windows, Windows LDAP, Microsoft Office, Windows Remote Desktop Services, and Microsoft SharePoint. These include high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed in this […]
Microsoft’s August Security Update on High-Risk Vulnerabilities in Multiple Products
August 15, 2024
Overview
On August 14, NSFOCUS CERT detected that Microsoft released a security update patch for August, which fixed 90 security issues involving widely used products such as Windows, Microsoft Office, Visual Studio and Azure, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, […]
Windows Privilege Escalation Vulnerability (CVE-2021-36934) Threat Alert

August 24, 2021
Overview
Recently, NSFOCUS CERT discovered a critical security bulletin released by Microsoft to disclose a privilege escalation vulnerability (CVE-2021-36934) in Windows. A privilege escalation vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files (including the Security Account Manager (SAM) database). When a built-in administrator account is enabled in the system, […]
Microsoft’s July 2021 Security Updates Fix Multiple Products’ High-Risk Vulnerabilities
July 28, 2021
Overview
According to NSFOCUS CERT’s monitoring, Microsoft released July 2021 Security Updates on July 14 to fix 117 vulnerabilities, including high-risk remote code execution and privilege escalation, in widely used products like Windows, Microsoft Office, Microsoft Edge, Visual Studio, and SharePoint Server. In the vulnerabilities fixed by this month’s security updates, there are 13 critical […]
Windows Print Spooler RCE Vulnerabilities (CVE-2021-1675/CVE-2021-34527) Mitigation Guide
July 13, 2021
Overview
On July 7, 2021, Beijing time, Microsoft released a security patch for the PrintNightmare vulnerability (CVE-2021-34527). NSFOCUS CERT recommends that users install this patch as soon as possible. On June 29, NSFOCUS CERT found that a security researcher published an exploit of the Windows Print Spooler remote code execution (RCE) vulnerability (PrintNightmare) on GitHub. […]
Microsoft February Security Updates for Multiple High-Risk Product Vulnerabilities
February 25, 2021
Vulnerability Description
On February 10, 2021, Beijing time, Microsoft released February 2021 Security Updates that fix 56 vulnerabilities, including high-risk ones like remote code execution and privilege escalation in various widely used products such as Microsoft Windows, Microsoft Office, Microsoft Exchange Server, Visual Studio, and Microsoft .NET Framework. In these security updates, Microsoft fixes 11 […]
Windows Network File System Vulnerabilities (CVE-2020-17051, CVE-2020-17056) Threat Alert
December 2, 2020
Overview
On November 10, 2020 local time, Microsoft fixed two vulnerabilities in the Windows Network File System (NFS) in its monthly security updates, which are CVE-2020-17051 and CVE-2020-17056.
CVE-2020-17051 is a remote code execution vulnerability in the nfssvr.sys driver. It is said that the vulnerability can be reproduced to cause an immediate BSOD (Blue Screen of Death) within the driver [3].
CVE-2020-17056 is a remote out-of-bounds read vulnerability in the nfssvr.sys driver, which can lead to an address space layout randomization (ASLR) bypass.
Windows TCP/IP Remote Code Execution Vulnerability (CVE-2020-16898) Threat Alert
November 2, 2020
Overview
On October 13, 2020 (local time), Microsoft fixed a critical vulnerability dubbed Bad Neighbor (CVE-2020-16898) in the Windows TCP/IP stack in its latest monthly patch update. An attacker might execute arbitrary code on a remote system by sending maliciously crafted ICMPv6 Router Advertisement packets.
McAfee said the proof-of-concept code shared with MAPP (Microsoft Active Protection Program) members is both simple and reliable and can result in an immediate BSOD (Blue Screen of Death).