
Latest news with #CVE2025

Update Windows Now — Microsoft Confirms System Takeover Danger
Forbes, 6 days ago

CVE-2025-33073 can lead to system takeover, Microsoft has confirmed. Microsoft users are becoming all too familiar with being advised to act now, as confirmation of one security threat after another is made. A Windows Secure Boot bypass and attacks exploiting vulnerabilities against Windows 10 and 11 users both require users to update now. That advice is all too clearly warranted, as Microsoft has confirmed yet another Windows vulnerability that demands urgent update attention, and this one can lead to a system takeover. Here's what you need to know about CVE-2025-33073, and what you need to do. Hint: update Windows now!

Attaining a Common Vulnerability Scoring System score of 8.8, considered a high-severity risk, CVE-2025-33073 has been given an 'important' severity rating by Microsoft itself. Such discrepancies are not unusual, as Microsoft applies several additional factors in arriving at its own assessment. None of that, however, should distract from the primary point here: this is a serious security vulnerability with serious consequences if successfully exploited by an attacker. 'An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,' Microsoft has confirmed. Although there is no evidence of exploitation in the wild as yet, the vulnerability itself has been publicly disclosed, so it's only a matter of time.

'To exploit this vulnerability,' Microsoft explained, 'an attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate.' 'Even though CVE-2025-33073 is referred to by Microsoft as an elevation of privilege,' said Wilfried Bécard and Guillaume André, security researchers at Synacktiv who were among those who disclosed the vulnerability, 'it is actually an authenticated remote command execution as SYSTEM on any machine which does not enforce SMB signing.'

Semantics aside, what is important is that you follow the advice given at the very start of this article and update now. Microsoft has released a fix as part of the June Patch Tuesday Windows security rollout, which, Bécard and André said, not only applies the fix but 'also removes the ability to coerce machines into authenticating via Kerberos by registering a DNS record with marshalled target information.'

Microsoft Issues Windows 10 And 11 Update As Attacks Already Underway
Forbes, 11-06-2025

Microsoft issues security update as Windows attacks begin. Users of the Windows operating system, be that Windows 10, Windows 11 or any of the Windows Server variants, are used to reading Microsoft cyberattack warnings. Some warnings, however, are more critical than others. Whenever a Windows zero-day exploit is involved, you really need to start paying close attention. These are the vulnerabilities that have not only been found by threat actors but are already being exploited by the time the vendor, in this case Microsoft, becomes aware of them. Microsoft, and by extension you, are then playing catch-up to get protected against the cyberattacks in question. Here's what you need to know about CVE-2025-33053 and what you need to do right now. Don't wait, update Windows right now.

The June 10 Patch Tuesday security rollout has brought with it a few unwelcome surprises, as is often the case. None more so than CVE-2025-33053, which is not only a zero-day, in that it is already known to have been exploited by threat actors, but is also being leveraged widely in cyberattacks, and that's very worrying indeed for all Windows users. A Microsoft executive summary describes the threat from CVE-2025-33053 as 'external control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.' In other words, a remote code execution vulnerability that can do some very bad things indeed. Tenable Research Special Operations has analyzed the threat, and Satnam Narang, senior staff research engineer at Tenable, said a Check Point Research report has confirmed that a known threat group, Stealth Falcon, has 'launched a social engineering campaign to convince targets to open a malicious .url file, which would then exploit this vulnerability, giving them the ability to execute code.'

That's problematic because, as Narang explained, 'it is rare to hear of a zero-day reported during Patch Tuesday as being leveraged widely. We typically expect these types of zero-days to be used sparingly, with an intention to remain undetected for as long as possible.' All the more reason to get your systems updated as soon as possible. The attackers are not waiting, and neither should you. 'The advisory also has attack complexity as low,' Adam Barnett, lead software engineer at Rapid7, said, 'which means that exploitation does not require preparation of the target environment in any way that is beyond the attacker's control.' Indeed, exploitation just requires a user to click on a malicious link; what a surprise. 'It's not clear how an asset would be immediately vulnerable if the service isn't running,' Barnett concluded, adding, 'but all versions of Windows receive a patch.' You know what to do, so go and do it now.

Google Issues Emergency Update For All 3 Billion Chrome Users
Forbes, 03-06-2025 (Business)

Update all browsers now. Google has suddenly released an emergency Chrome update, warning that a vulnerability discovered by its Threat Analysis Group has been used in attacks. Such is the severity of the risk that Google also confirmed that, ahead of this update, the issue 'was mitigated on 2025-05-28 by a configuration change' pushed out to all platforms. Google says it 'is aware that an exploit for CVE-2025-5419 exists in the wild,' and that full access to details on the vulnerability will 'be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.'

CVE-2025-5419 is an out-of-bounds read and write in V8, the type of dangerous memory flaw typically found and fixed in the world's most popular browser. While it's only marked as high-severity, the fact that attacks are underway means applying the fix is critical. There is already a U.S. government mandate for federal staff to update Chrome by Thursday or stop using the browser, after a separate attack warning. And there has been another high-severity fix since then, with two separate fixes. It is inevitable that this latest warning and update will also prompt CISA to issue a 21-day update mandate. There is a second fix included in this emergency update — CVE-2025-5068 is another memory issue, a 'use after free in Blink,' that was disclosed by an external researcher. NIST warns that CVE-2025-5419 'allows a remote attacker to potentially exploit heap corruption via a crafted HTML page,' and that it applies across Chromium, suggesting other browsers will also issue emergency patches.

As usual, you should see a flag on your browser that the update has downloaded. You need to restart Chrome to ensure it takes full effect. All your normal tabs will then reopen — unless you elect not to do that. But your Incognito tabs will not reopen, so make sure you save any work or copy down any URLs you want to revisit.

Linux Passwords Warning — 2 Critical Vulnerabilities, Millions At Risk
Forbes, 02-06-2025 (General)

Beware this Linux password vulnerability. Although most critical security warnings that hit the headlines impact users of Microsoft's Windows operating systems, and occasionally Apple's iOS and macOS, critical Linux security vulnerabilities are a much rarer occurrence. As news of not one, but two, such Linux vulnerabilities breaks, millions of users are advised that their passwords and encryption keys could be at risk of compromise. Here's what you need to know and do.

When security experts from a renowned threat research unit discover not one, but two, critical local information disclosure vulnerabilities impacting millions of Linux users, it would be an understatement to say that this is a cause for concern. When those same security researchers develop proofs of concept for both vulnerabilities, across a handful of Linux operating systems, the concern level goes through the roof. The vulnerabilities, impacting the Ubuntu core-dump handler known as Apport, and Red Hat Enterprise Linux 9 and 10, plus Fedora, with the systemd-coredump handler, are both of the race-condition variety. Put simply, this is where event timing can cause errors or behaviours that are unexpected at best and critically dangerous at worst. The vulnerabilities uncovered by the Qualys threat research unit fall into the latter category. Exploiting CVE-2025-5054 and CVE-2025-4598, Saeed Abbasi, a manager with the Qualys TRU, said, could 'allow a local attacker to exploit a Set-User-ID program and gain read access to the resulting core dump.' Because both impacted tools are designed to deal with crash reporting, they are well-known targets for attackers looking to exploit vulnerabilities to access the data contained within those core dumps.

Abbasi conceded that there are plenty of modern mitigations against such risk, such as systems that direct core dumps to secure locations; nonetheless, 'systems running outdated or unpatched versions remain prime targets' for the newly disclosed vulnerabilities. Abbasi went on to warn that successful exploitation of these Linux vulnerabilities could lead to the extraction of 'sensitive data, like passwords, encryption keys, or customer information from core dumps.' All users are urged to mitigate that risk by prioritizing patching and increasing access controls. Abbasi said that when it comes to the Apport vulnerability, Ubuntu 24.04 is affected, including all versions of Apport up to 2.33.0 and every Ubuntu release since 16.04. For the systemd-coredump vulnerability, meanwhile, Abbasi warned that Fedora 40/41, Red Hat Enterprise Linux 9, and the recently released RHEL 10 are vulnerable. I have reached out to Canonical and Red Hat for a statement regarding the Linux password exposure threats.

Microsoft Confirms Critical 10/10 Cloud Security Vulnerability
Forbes, 09-05-2025

Microsoft confirms 10/10 Azure vulnerability. It's not often that a truly critical security vulnerability emerges that hits the maximum Common Vulnerability Scoring System severity rating of 10. This is one of those times. Microsoft has confirmed multiple vulnerabilities rated as critical and impacting core cloud services, one of which has reached the unwelcome heights of that 10/10 criticality rating. The good news is that none are known to have been exploited in the wild, none have already been publicly disclosed, and as a user, there's nothing you need to do to protect your environment. A total of four cloud security vulnerabilities have been confirmed by Microsoft, one of which hit the 10/10 rating, but two aren't a million miles short, both being given 9.9 ratings. The final vulnerability remains critical, with a CVSS severity rating of 9.1. Let's look at them in order of their criticality.

CVE-2025-29813, Critical, Rating: 10.0, Azure DevOps Elevation of Privilege Vulnerability
Microsoft confirmed that this Azure DevOps pipeline token hijacking vulnerability is caused by an issue whereby Visual Studio improperly handles the pipeline job tokens, enabling an attacker to potentially extend their access to a project. 'To exploit this vulnerability,' Microsoft said, 'an attacker would first have to have access to the project and swap the short-term token for a long-term one.'

CVE-2025-29972, Critical, Rating: 9.9, Azure Storage Resource Provider Spoofing Vulnerability
Microsoft said that this Azure server-side request forgery vulnerability could allow an authorized attacker to perform 'spoofing' over a network. In other words, a successful threat actor could exploit this vulnerability to distribute malicious requests that impersonate legitimate services and users.

CVE-2025-29827, Critical, Rating: 9.9, Azure Automation Elevation of Privilege Vulnerability
Yet another Azure security vulnerability with an unbelievably high official severity rating of 9.9, this time enabling a successful hacker to elevate privileges across the network thanks to an improper authorization issue in Azure Automation.

CVE-2025-47733, Critical, Rating: 9.1, Microsoft Power Apps Information Disclosure Vulnerability
Hooray, not Azure this time, and dropping on the criticality rating scale to a 9.1 as well. This vulnerability, as the name suggests, would allow an attacker to disclose information over the network. It's another server-side request forgery vulnerability, but this time impacting Microsoft Power Apps.

Here's the really good news among the bad critical vulnerability disclosure stuff: there is no patch to install, no updates to deploy, and no action required by the user at all. 'This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take,' Microsoft said with regard to each of the cloud security issues mentioned. That's because it comes under the remit of what the Microsoft Security Response Center refers to as a commitment to provide comprehensive vulnerability information to customers, by detailing cloud service CVEs once they have been patched internally. 'In the past,' Microsoft said, 'cloud service providers refrained from disclosing information about vulnerabilities found and resolved in cloud services, unless customer action was required.' With the value of full transparency now properly understood, all that has changed. 'We will issue CVEs for critical cloud service vulnerabilities,' Microsoft confirmed, 'regardless of whether customers need to install a patch or to take other actions to protect themselves.'
