U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Microsoft patches CVE-2016-7255 Windows zero-day exploited by Fancy Bear

Microsoft has issued a security patch that fixes the zero-day vulnerability tracked as CVE-2016-7255 exploited by Russian hackers. Microsoft has issued security patches that fixed also the zero-day vulnerability exploited by Russian hackers. One of the zero-days tracked as CVE-2016-7255  has been patched in the MS16-135 bulletin that also addresses two information disclosure and three […]

Microsoft YellowKey

Microsoft has issued a security patch that fixes the zero-day vulnerability tracked as CVE-2016-7255 exploited by Russian hackers.

Microsoft has issued security patches that fixed also the zero-day vulnerability exploited by Russian hackers.

One of the zero-days tracked as CVE-2016-7255  has been patched in the MS16-135 bulletin that also addresses two information disclosure and three privilege escalation vulnerabilities. The zero-day was exploited by attackers to gain administrator-level access by escaping the sandbox protection and execute malicious code.

Google has chosen to public disclose the flaw just 10 days after privately reporting it to Microsoft, giving the company a very little time to issue security updates.

According to Google, the reason for going public without waiting for a patch is that its experts have observed exploits for the flaw in the wild.

Microsoft criticized the Google decision because the disclosure potentially puts customers at risk.

“We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk,” a Microsoft spokesperson said in a statement. “Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible. We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection.”

According to Microsoft, the CVE-2016-7255 vulnerability had been exploited in a limited number of spear-phishing attacks powered by the Russian hacker group known as Pawn Storm, APT28, Fancy Bear, Sofacy, Sednit, and Tsar Team.

 

Russian hackers also exploited a zero-day flaw (CVE-2016-7855) in Flash Player that Adobe promptly patched by issuing and an emergency patch.

According to the security advisory issued by Adobe, the CVE-2016-7855 has been exploited in targeted attacks. The vulnerability is a use-after-free issue that can be triggered by attackers for arbitrary code execution.

CVE-2016-7255

The last Microsoft Patch Tuesday include a critical security bulletin MS16-132 that addresses several issues related to the Windows Media Foundation, the Windows Animation Manager and OpenType fonts.

The bulletin MS16-132 also fixed the remote code execution vulnerability (CVE-2016-7256) that according to Microsoft has been exploited in the wild via specially crafted websites or documents that victims must open in order to trigger the exploit.

The bulletin MS16-129 fixed other vulnerabilities, a browser information disclosure vulnerability (CVE-2016-7199) and the Edge spoofing flaw (CVE-2016-7209)

The complete list of Microsoft Security Bulletins for November 2016 is available here:

https://technet.microsoft.com/en-us/library/security/ms16-nov.aspx

Adobe also issued security patches for 9 Flash Player flaws reported via ZDI.

The company has released security updates to address one vulnerability in Connect for Windows and nine arbitrary code execution flaws in the Flash Player product.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – CVE-2016-7255 , hacking)