Microsoft Raises Alarm for New Windows Zero-Day Attacks

securityweek.com ^ | 6/8/2021 | Ryan Naraine

[bitt]

Microsoft’s Patch Tuesday will take on extra urgency this month with the news that at least six previously undocumented vulnerabilities are being actively exploited in the wild.

Details on the active attacks are scarce but clues from some of Microsoft’s newest bulletins suggest these were part of extremely targeted APT malware campaigns.

Kaspersky zero-day hunter Boris Larin, who was credited with reporting two of the in-the-wild discoveries -- CVE-2021-31955 and CVE-2021-31956 -- says the attacks were part of a sophisticated cross-browser exploit chain that also hit flaws in Google’s flagship Chrome browser.

“These attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. While we were not able to retrieve the exploit used for remote code execution (RCE) in the Chrome web browser, we were able to find and analyze an elevation of privilege (EoP) exploit that was used to escape the sandbox and obtain system privileges,” Larin explained.

According to Kaspersky, the two Windows flaws were chained to an exploit for a different Chrome vulnerability to plant high-end malware on specific targets running Windows. Kaspersky’s researchers believe they have traced the issue to a Chrome vulnerability that was shared -- and patched -- following the 2021 Pwn2Own marketing event.

In addition to the two flaws documented by Kaspersky, Microsoft is also calling urgent attention to CVE-2021-33739, CVE-2021-33742, CVE-2021-31199 and CVE-2021-31201, warning that all six of these bugs have been targeted by attackers before the availability of patches.

[bitt]

P

[little jeremiah]

I hope someone translates this into techtard/ooga booga talk.

[KevinB]

Translation: Use a browser with a very low user share that hackers won’t bother exploiting.

[GYPSY286]

Demorats are setting us up for the internet blackout and blaming it on attacks by others because once the audit(s) are finished and leaks start coming out, they will want to shut the information train down.

[ProtectOurFreedom]

Translation: “All your bank account are belong to us.”

[datura]

Microsoft? Support Gates Inc?

No thanks.

I wish I could remember the last time my Mac had to update for “security” reasons.

[little jeremiah]

Ah, that I can understand. I don’t do online banking; amisafe?

[ProtectOurFreedom]

Does anybody really know what time it is?

[Repeal The 17th]

“Does anybody really know what time it is?”
-
25 or 6 to 4.

[coloradan]

Hypothetically, what would need to happen for use of Microsoft software being used for anything critical to be properly viewed as a national security vulnerability?

[ProtectOurFreedom]

We are dating ourselves! ;>)

[mouske]

I wonder if any of these issues are the cause of the problems that started in my laptop last Sunday. I’m getting lots of warning windows saying, “Windows Defender has blocked this program ...” Also, I have lost use of the taskbar on the bottom of the screen - no volume control, no search, no response to Start button.

I took it to Staples today for analysis. They couldn’t find problem; suggested a new computer and warned against trying to recover my files to load onto new unit. I see a memorial service in the near future for my Toshiba Satellite (sigh).

[dayglored]

Windows 10 Update... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to bitt for the ping!

[Zathras]

A better translation: “All American homes need a real firewall and dump the brainless ones being used.”

[dayglored]

> Translation: Use a browser with a very low user share that hackers won’t bother exploiting.

One of the reasons I use Firefox by default, and the others only when necessary.

[dayglored]

> I wish I could remember the last time my Mac had to update for “security” reasons.

As a fellow Mac user, may I respectfully suggest that you aren't paying enough attention, or perhaps have notifications turned off. MacOS gets security updates fairly regularly. Not as often as Windows, but that's in part because Apple batches them up after a couple months instead of the second Tuesday of every month. MacOS updates are usually big because they wrap a lot of fixes into them.

Please don't fall into complacency just because you aren't running Windows. MacOS and Linux aren't flawless -- all software, all operating systems, all applications, all have security issues.

[Bob434]

[[“Does anybody really know what time it is?”
-
25 or 6 to 4.]]

i coulda swore it was blue- but what do i know? I don’t even know what time it is

[Bikkuri]

If you get a new one, don’t trash the one you have now, upgrade it to Linux ;)

[martin_fierro]

“Networked computers? That’s a thing?” — Bill Gates