Overview On November 10, 2020 local time, Microsoft fixed two vulnerabilities in the Windows Network File System (NFS) in its monthly security updates, which are CVE-2020-17051 and CVE-2020-17056. CVE-2020-17051 is a remote code execution vulnerability on the nfssvr.sys driver. It is said that the vulnerability can be reproduced to cause...
Tag: Windows Vulnerability
Windows TCP/IP Remote Code Execution Vulnerability (CVE-2020-16898) Threat Alert
Overview On October 13, 2020 (local time), Microsoft fixed a critical vulnerability dubbed Bad Neighbor (CVE-2020-16898) in the Windows TCP/IP stack in its latest monthly patch update. An attacker might execute arbitrary code on a remote system by sending maliciously crafted ICMPv6 Router Advertisement packets. McAfee said the proof-of-concept code...
Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2019-0708) Exploit Disclosure Threat Alert
Exploit Disclosure In the early morning of September 7, Beijing time, a developer disclosed a Metasploit exploit module for the Windows remote desktop services remote code execution vulnerability (CVE-2019-0708) on GitHub. The initial public exploit module (BlueKeep) for the CVE-2019-0708 vulnerability could cause old versions of Windows (Windows 7 SP1...
Windows NTLM Tampering Vulnerability (CVE-2019-1040) Threat Alert
1 Vulnerability Overview On June 12, 2019, Beijing time, Microsoft released security patches for the Windows NTLM tampering vulnerability (CVE-2019-1040), which exists in Windows operating systems and allows attackers to bypass the NTLM MIC (Message Integrity Check) protection. (more…)
