Security
Headlines
HeadlinesLatestCVEs

Latest News

CVE-2024-38227: Microsoft SharePoint Server Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?** An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.

Microsoft Security Response Center
#vulnerability#microsoft#rce#auth#Microsoft Office SharePoint#Security Vulnerability
CVE-2024-38231: Windows Remote Desktop Licensing Service Denial of Service Vulnerability

**Are there additional actions I need to take after I have installed the update?** No action is required from customers who are using a single license server and who are not using workgroup-joined Windows Server 2008 terminal servers. Customers using multiple license servers should refer to Use multiple remote desktop license servers for more information about the steps they need to take. Additionally, for proper license server discovery, customers using workgroup-joined Windows Server 2008 terminal servers will need to ensure that they list the RD license servers they want these terminal servers to use under **Use the specified Remote Desktop license servers** as detailed on this page. The License server discovery mode called "Automatically discover a license server" will no longer be supported in workgroup-joined deployment.

CVE-2024-38226: Microsoft Publisher Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass Office macro policies used to block untrusted or malicious files.

CVE-2024-38225: Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?** An attacker needs to edit the local configuration file to contain malicious code, then send the request to the server to exploit this vulnerability.

CVE-2024-38234: Windows Networking Denial of Service Vulnerability

**Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?** The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.

CVE-2024-38235: Windows Hyper-V Denial of Service Vulnerability

**Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?** The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.

GHSA-g974-hxvm-x689: node-gettext vulnerable to Prototype Pollution

All versions of the package node-gettext are vulnerable to Prototype Pollution via the addTranslations() function in gettext.js due to improper user input sanitization.

DragonRank, a Chinese-speaking SEO manipulator service provider

Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO) rank manipulation.

10 Writing Tips for Cybersecurity Professionals

It takes more than technical knowledge to write about cybersecurity in a way people want to read. It takes creativity, discipline, and other key skills.

GHSA-f4wh-359g-4pq7: ThinkPHP deserialization vulnerability

A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.