Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Warning of zero-day vulnerabilities in window manager on PC
When analyzing the CVE-2021-1732 vulnerability that was once exploited by the BITT APT team, Kaspersky experts found a similar zero-day vulnerability. This is a vulnerability that has never been previously exploited and has not been associated with any known harmful agents. Immediately, Kaspersky notified Microsoft. Once confirmed, this zero-day vulnerability is named CVE-2021-28310.
'Initially, this vulnerability was discovered by our advanced technology to prevent the vulnerability and archive related findings. In fact, over the past few years, we have included many anti-exploit technologies in our products, and these technologies have consistently worked .''- Boris Larin - security expert at Kaspersky - said.
According to the researchers, it is likely that this vulnerability has been used but not discovered. This is a privilege escalation (EoP) vulnerability discovered in the Desktop Window Manager, allowing an attacker to execute malicious code on the victim's machine. This vulnerability can potentially be used in conjunction with other vulnerabilities in the browser to avoid the sandbox engine. Hackers can even gain privileges through this loophole to gain deeper access to a computer system.
However, Kaspersky's initial investigation has not revealed the full chain of infections. Therefore, security experts still do not know if this vulnerability will be used concurrently with another zero-day vulnerability.
To prevent threats from new vulnerabilities, Kaspersky experts recommend individuals and businesses to install patches for the vulnerability as soon as possible. In addition, IT security managers can use vulnerability and patch management in an endpoint security solution to simplify work. To avoid unexpected cyber attacks, units should also deploy an enterprise-level security solution that detects high-level threats early in the network.
Samuel DanielYou should read it
- Security vulnerabilities - basic insights
- HP publishes a series of critical vulnerabilities in the Teradici PCoIP protocol
- Find security holes on every site with Nikto
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devices
- 5 common errors in managing security vulnerabilities
- New dangerous vulnerability in Intel CPU: Works like Specter and Meltdown, threatening all PCs and the cloud
- Many serious vulnerabilities have been discovered that allow attackers to take full control of the 4G router
- How to scan websites for potential security vulnerabilities with Vega on Kali Linux
May be interested
- Warning about serious vulnerabilities in SQL Server
systems running sql server 2000, sql server 2005, sql server 2005 express edition, sql server 2000 desktop engine (msde 2000), ... can be exploited and controlled - Neat Download Manager 1.3/1.8.0, download Neat Download Manager 1.3/1.8.0 hereneat download manager is a download manager that can be used with both mac os and windows. this application speeds up downloading files from the internet and helps you keep your download library up to date and organized.
- Warning: The number of vulnerabilities in open source software are increasing rapidlybesides malware, spam emails or ddos attacks, vulnerabilities in open source software are also considered as one of the most significant security threats at the moment.
- Ways to enable Task Manager in Windows 11in windows 11, task manager has received a number of improvements, both in appearance and features. for example, if ever, windows users in general have a habit of launching task manager by right-clicking on the taskbar and selecting the corresponding option.
- 7 simple ways to open Task Manager on Macbook, Windows 10,11how to open task manager will help improve work efficiency and quickly handle computer problems effectively. find out with hacom here.
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devicesmicrosoft security researchers announced that they discovered more than two dozen serious remote code execution (rce) vulnerabilities related to internet of things (iot) and operational technology (ot) devices being used. relatively popular use today.
- New dangerous vulnerability in Intel CPU: Works like Specter and Meltdown, threatening all PCs and the cloudan extremely serious new class of intel chip vulnerabilities has been discovered by security researchers at graz university of technology, if successful exploitation of the bad guys can take advantage of it to steal sensitive information online. next from the processor.
- Warning of dangerous vulnerabilities on WinRAR, users should uninstall or upgrade to a new versionrarlab, the developer of winrar, has just released an urgent update to patch a dangerous vulnerability in their software.
- Warning: Jenkins exists a serious security hole that helps hackers gain control of computers of many Vietnamese businesseslast night, september 18, vsec - vietnam cyber security joint stock company issued an emergency warning about a serious security hole in the open source application jenkins.
- How to move Windows window when title bar click errorif the window title bar moves too far and you cannot click on it, you can apply some of the methods below to move the windows window back to its original position.
Security solution
- What is Adaptive Security?
- How to use Google Authenticator on a Windows PC
- Do VPN providers keep track of your browsing data?
- What type of password attack is a Passive Online attack?
- What is Windows Defender? What are the advantages? How to enable and disable Windows Defender
- 3 types of dangerous cyber attacks in 2021
What is Adaptive Security?
How to use Google Authenticator on a Windows PC
Do VPN providers keep track of your browsing data?
What type of password attack is a Passive Online attack?
What is Windows Defender? What are the advantages? How to enable and disable Windows Defender
3 types of dangerous cyber attacks in 2021