Windows

Windows TCP/IP Remote Code Execution Vulnerability (CVE-2021-24074)

fevereiro 24, 2021

Vulnerability Description On February 10, NSFOCUS found that Microsoft fixed the Windows TCP/IP remote code execution vulnerability (CVE-2021-24074) in its February updates. This vulnerability exists in the IPv4 source routing which is blocked by default in Windows systems. Attackers, via a crafted IP packet, could exploit this vulnerability to execute arbitrary code on a target […]

Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution

junho 15, 2020

Overview

On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An attacker could exploit this vulnerability in an unauthenticated way.

For the SMBv3 server, attackers could send a crafted packet to the server to trigger this vulnerability; for the SMBv3 client, attackers could trigger the vulnerability by tricking the user into connecting to a maliciously crafted SMB server.

(mais…)

Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution

março 30, 2020

Overview

On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An attacker could exploit this vulnerability in an unauthenticated way. (mais…)

Windows CryptoAPI High Risk Vulnerability (CVE-2020-0601) Security Alert

janeiro 27, 2020

Overview

 

On January 14, local time, one of the latest monthly patch updates from Microsoft fixed the Windows CryptoAPI spoofing vulnerability (CVE-2020-0601) discovered and reported to Microsoft by the National Security Agency (NSA), which affects Windows 10. , Windows Server 2016 and Windows Server 2019. (mais…)