+44 (0)203 88 020 88

0
0
Subtotal: £0.00

No products in the basket.

No products in the basket.

Menu

Search

Cyber Security News & Articles

 

Cyber Security
News & Articles

Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far

Last week saw the addition of 39 known exploited cybersecurity vulnerabilities to the CISA catalogue, bringing the total added in June so far to 40. The Cybersecurity and Infrastructure Security Agency (CISA), a branch of the US government, released an alert on Wednesday, to make people aware of the threats posed by these vulnerabilities, which they described as a “significant risk”. Big names such as Google, Adobe and Microsoft are amongst the products and software identified as having actively exploited vulnerabilities in this list.  

 

Google 

Google’s Chromium V8 Engine has been found to have 8 new actively exploited vulnerabilities. Linux, Windows, Mac, and Android users of Google Chrome were all at risk of having an out-of-bounds memory vulnerability exploited, tagged as CVE-2016-5198. The affected versions of Chrome included incorrect assumptions that allowed read/write operations to be performed by a remote attacker, ultimately resulting in code execution through a specially crafted HTML page. Chrome users on these operating systems were also susceptible to a type confusion vulnerability CVE-2017-5070, and a memory corruption vulnerability CVE-2017-5030 , which would also allow remote attackers to execute code inside a sandbox via a HTML page. CVE-2018-17480 is an out-of-bounds write vulnerability, where out-of-bounds JavaScript can potentially allow a remote attacker to do the same, as is also true with remote code execution vulnerability CVE-2018-17463. Another out-of-bounds write vulnerability, CVE-2019-5825, lets remote attackers potentially exploit heap corruption through a purposely designed HTML page, which integer overflow vulnerability CVE-2018-6065 also exploits. Denial of service vulnerability CVE-2016-1646 utilises the Array.prototype.concat implementation in builtins.cc which can cause an out-of-bounds read due to some element data types not being considered correctly.  

Chrome should update automatically, but you can check which version you are running by using the burger menu to enter the settings, then go to ‘About Chrome’. This will display your current Chrome version, and usually this will prompt the download of any available updates. Chrome needs to restart after updating so be sure not to do this when you have any open tabs you do not want to lose. At the time of publishing the current Chrome version is 102.0.5005.115, update to this version to ensure you have received patches to all the above vulnerabilities. 

 

Adobe 

7 cybersecurity vulnerabilities were found to be actively exploited in Adobe Acrobat and Reader. A double free vulnerability tagged as CVE-2018-4990 allowed attackers to remotely execute arbitrary code through memory corruption. Another memory corruption vulnerability, CVE-2011-2462, can be found in the Universal 3D (U3D) component of Adobe Acrobat and Reader, which allows for remote code execution or denial of service attacks through unknown vectors. U3D also contains an array boundary issue, CVE-2009-3953, through which attackers can execute code via PDF documents. The PDF file format has been identified as a vehicle for remote code attacks in the use-after-free vulnerability CVE-2009-4324, stack-based buffer overflow vulnerability CVE-2010-2883 which also allows for denial-of-service attacks, and another buffer overflow vulnerability CVE-2007-5659, where the code is identified as being executed through JavaScript. The latter of these is thought to be encompassed in the definition of CVE-2008-0655, which tracks multiple vulnerabilities as a design flaw, and allows a hacker to design PDF file which can be printed silently any number of times. 

It was also found that there were 4 actively exploited vulnerabilities in Adobe Flash Player, which is an end-of-life product, and is no longer supported. Updates are therefore not available, and the best advice is to disconnect all end-of-life software that is still in use. However, an unspecified vulnerability CVE-2009-1862, and a memory corruption vulnerability CVE-2010-1297 were found to affect both Adobe Reader and Acrobat, and Adobe Flash Player. Both of these vulnerabilities allow attackers to either create a denial-of-service attack or execute arbitrary code, through the use of .pdf and .swf files. 

 

Microsoft 

The majority of the actively exploited Microsoft vulnerabilities occur in Microsoft Office, with 5 newly considered vulnerabilities being added to this list this week. Three of these are buffer-overflow vulnerabilities allowing remote code execution, tracked as CVE-2009-0563, which utilises an invalid field length crafted tag, CVE-2013-1331, which includes a PNG made by the attacker in the document to execute this code, and CVE-2010-2572, which is a vulnerability specific to Microsoft PowerPoint. An object record corruption vulnerability tagged as CVE-2009-0557 was found to affect Office files by allowing attackers to run code through a crafted Excel file containing a malformed object. This is similar to the buffer overflow vulnerability CVE-2006-2492, which utilises a malformed object pointer in Microsoft Word and Microsoft Works Suites to execute arbitrary code. 

Other Microsoft vulnerabilities were also identified as being actively exploited, such as the remote code execution vulnerability CVE-2012-0151, in which the Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not validate the digest signature of a portable executable file, allowing attackers to modify the file with additional content in order to execute code. Microsoft XML Core Services has a memory corruption vulnerability tracked as CVE-2012-1889 that can also allow for remote code execution by attackers, as well as an opportunity for a denial-of-service attack through a malicious website. Microsoft Internet Explorer vulnerability CVE-2012-4969 also requires attackers to use a crafted website, in this case for a use-after-free attack through which they can execute arbitrary code. 

 

Other notable vulnerabilities include CVE-2022-31460, a Meeting Owl Pro hard-coded credentials vulnerability that allows hackers to activate tethering mode to connect to and infiltrate the connected network, and CVE-2022-26134, an Atlassian Confluence Server vulnerability that allowed remote code execution to be performed by an unauthenticated attacker. Cisco RV Series Routers, multiple NETGEAR devices, QNAP Photo Station, and SAP NetWeaver are also identified as software and products affected by known exploited vulnerabilities. 

In order to reduce the likelihood of suffering from one of these cyber-attacks, patches and updates should be installed as soon as possible after their release. The publishing of all the vulnerabilities on this catalogue can help to organise and prioritise the updates of software with known vulnerabilities that are being commonly exploited to ensure the greatest protection from attack. 

 

 

Subscribe to our monthly newsletter today

If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter. 

We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.

Why Choose SecureTeam?

CREST
CCS
ISO9001
ISO27001
CE-PLUS

Customer Testimonials

“We were very impressed with the service, I will say, the vulnerability found was one our previous organisation had not picked up, which does make you wonder if anything else was missed.”

Aim Ltd Chief Technology Officer (CTO)

"Within a very tight timescale, SecureTeam managed to deliver a highly professional service efficiently. The team helped the process with regular updates and escalation where necessary. Would highly recommend"

IoT Solutions Group Limited Chief Technology Officer (CTO) & Founder

“First class service as ever. We learn something new each year! Thank you to all your team.”

Royal Haskoning DHV Service Delivery Manager

“We’ve worked with SecureTeam for a few years to conduct our testing. The team make it easy to deal with them; they are attentive and explain detailed reports in a jargon-free way that allows the less technical people to understand. I wouldn’t work with anyone else for our cyber security.”

Capital Asset Management Head of Operations

“SecureTeam provided Derbyshire's Education Data Hub with an approachable and professional service to ensure our schools were able to successfully certify for Cyber Essentials. The team provided a smooth end-to-end service and were always on hand to offer advice when necessary.”

Derbyshire County Council Team Manager Education Data Hub

“A very efficient, professional, and friendly delivery of our testing and the results. You delivered exactly what we asked for in the timeframe we needed it, while maintaining quality and integrity. A great job, done well.”

AMX Solutions IT Project Officer

“We were very pleased with the work and report provided. It was easy to translate the provided details into some actionable tasks on our end so that was great. We always appreciate the ongoing support.”

Innovez Ltd Support Officer

Get in touch today

If you’d like to see how SecureTeam can take your cybersecurity posture to the next level, we’d love to hear from you, learn about your requirements and then send you a free quotation for our services.

Our customers love our fast-turnaround, “no-nonsense” quotations – not to mention that we hate high-pressure sales tactics as much as you do.

We know that every organisation is unique, so our detailed scoping process ensures that we provide you with an accurate quotation for our services, which we trust you’ll find highly competitive.

Get in touch with us today and a member of our team will be in touch to provide you with a quotation. 

Scroll to Top