Aggregator

A vulnerability, which was classified as critical, was found in Microsoft Windows up to Server 2025. This affects an unknown part of the component Secure Kernel Mode. The manipulation leads to untrusted pointer dereference. This vulnerability is uniquely identified as CVE-2024-43631. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Windows and classified as critical. This vulnerability affects unknown code of the component USB Video Class System Driver. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-43634. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows and classified as critical. This issue affects some unknown processing of the component USB Video Class System Driver. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-43637. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been classified as critical. Affected is an unknown function of the component USB Video Class System Driver. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-43638. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been declared as critical. This vulnerability affects unknown code of the component Hyper-V Shared Virtual Disk. The manipulation leads to untrusted pointer dereference. This vulnerability was named CVE-2024-43624. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been rated as critical. This issue affects some unknown processing of the component DWM Core Library. The manipulation leads to untrusted pointer dereference. The identification of this vulnerability is CVE-2024-43629. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Microsoft Windows 11 22H2/11 23H2/11 24H2. Affected is an unknown function of the component Hyper-V. The manipulation leads to sensitive data storage in improperly locked memory. This vulnerability is traded as CVE-2024-43633. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Microsoft Windows. Affected by this issue is some unknown functionality of the component Win32k. The manipulation leads to untrusted pointer dereference. This vulnerability is handled as CVE-2024-43636. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Windows 10 21H2/10 22H2/11 22H2/11 23H2/Server 2022 and classified as critical. This vulnerability affects unknown code of the component Kernel-Mode Driver. The manipulation leads to double free. This vulnerability was named CVE-2024-43640. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as very critical, was found in Microsoft Windows Server 2012 up to Server 2022 23H2. This affects an unknown part of the component Kerberos. The manipulation leads to numeric truncation error. This vulnerability is uniquely identified as CVE-2024-43639. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Microsoft Windows. Affected by this vulnerability is an unknown functionality of the component Telephony Service. The manipulation leads to integer overflow. This vulnerability is known as CVE-2024-43628. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

美国纽约州一家法院已初步批准一项150万美元（约合人民币1086万元）的和解协议，用于解决针对One Brooklyn Health健康系统的修订后合并拟议集体诉讼。该诉讼源于2022年11月的一次网络攻击事件，该事件导致超过23.5万人的敏感健康数据遭到泄露。 此次事件波及One Brooklyn Health旗下位于纽约市布鲁克林区的三家医院，包括Brookdale医院医疗中心、Interfaith医疗中心和Kingsbrook犹太医疗中心，以及多个护理院和健康诊所。 诉讼指控之一是，One Brooklyn Health未能合理地保护、保障或存储原告和集体成员的个人身份信息和受保护健康信息，导致相关人员面临身份盗窃和欺诈犯罪的风险。 诉讼指控One Brooklyn Health未能合理保护、保障或存储原告及集体成员的个人身份信息和受保护的健康信息，导致相关人员面临身份盗窃和欺诈风险。 诉讼还指控One Brooklyn Health违反了纽约州消费者保护法，并未及时向受影响人员通报数据泄露事件。 One Brooklyn Health否认了所有指控。 人均最高获赔2600美元 根据拟议的和解协议，符合条件的集体诉讼成员可以提交索赔，最高可获得2500美元的实际自付损失赔偿，以及处理数据泄露后果所花费的时间补偿（最高4小时、每小时25美元）。 此外，和解协议允许集体诉讼成员申请两年的信用监控服务。 作为替代选择，集体诉讼成员可以放弃文件损失赔偿和信用监控服务的申请，直接领取一笔固定金额的现金补偿。这笔补偿金额将在扣除其他索赔和费用后由和解基金决定。 和解协议还建议向八名原告每人支付1000美元的服务奖励。根据法院文件，原告律师计划从和解基金中提取高达三分之一的金额（约50万美元），并申请补偿不超过5万美元的诉讼费用。 此外，该协议要求One Brooklyn Health增强数据安全措施。这些改进的费用将由One Brooklyn Health自行承担，与和解基金无关。法院文件并未具体说明One Brooklyn Health将实施哪些安全措施。 纽约州最高法院（位于国王县）计划于2025年2月26日召开和解协议最终批准听证会。 数据泄露详情 此次合并拟议集体诉讼的核心是One Brooklyn Health于2022年11月首次检测到的网络攻击。当时，该医疗机构发现其网络中存在可疑活动。这一事件导致其IT系统，包括电子健康记录和患者门户网站，长达一个多月无法正常访问。 根据One Brooklyn Health于2023年发布的数据泄露通知，调查显示，2022年7月9日至2022年11月19日期间，一名未经授权的行为者从其IT系统中获取了“一定数量”的数据。 调查进一步发现，网络犯罪分子在此次攻击中未经授权访问并窃取了超过23.5万人的个人身份信息，其中包括患者、员工及其配偶、受抚养人和受益人。 受影响的信息包括姓名、社会安全号码、驾照或州身份证号码、出生日期、金融账户信息、医疗治疗记录、处方信息、诊断信息以及健康保险信息等。 截至目前，One Brooklyn Health尚未公开声明此次事件是否涉及勒索软件。 One Brooklyn Health于2023年1月18日向美国卫生与公众服务部（HHS）报告了此次数据泄露，描述为涉及网络服务器的黑客事件，并称影响了500人。这一数字似乎是初步估算。 截至2023年11月8日，HHS民权办公室的《健康保险流通与责任法案》(HIPAA)数据泄露报告工具中仍显示此事件的受影响人数为500人。而根据One Brooklyn Health于2023年4月20日向缅因州总检察长提交的报告，实际受影响人数为235251人。 代表One Brooklyn Health处理数据泄露诉讼的律师未立即回应外媒信息安全媒体集团（ISMG）的置评请求。 原告律师事务所Shub & Johns LLC的律师本杰明·约翰斯（Benjamin Johns）在声明中表示：“我们对法院初步批准和解协议感到满意，并期待进行最终批准。”他未就该案的其他问题作进一步评论。     转自安全内参，原文链接：https://www.secrss.com/articles/72491 封面来源于网络，如有侵权请联系删除

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

Author: Knownsec 404 team Date: November 20, 2024 中文版：https://paper.seebug.org/3238/ 1. Abstract LockBit 3.0 is a well-known ransomware operated through a "Ransomware-as-a-Service" (RaaS) model. Th...

A vulnerability, which was classified as critical, was found in Gliffy Online up to 4.14.0-5. This affects an unknown part of the component Configuration Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is uniquely identified as CVE-2024-10315. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.7/24.0.4. It has been classified as problematic. Affected is an unknown function. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-49527. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Animate up to 23.0.7/24.0.4. This vulnerability affects unknown code. The manipulation leads to use after free. This vulnerability was named CVE-2024-49526. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Adobe Animate up to 23.0.7/24.0.4. This issue affects some unknown processing. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-49528. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Commerce up to 3.2.5 and classified as critical. This vulnerability affects unknown code of the component Requests Handler. The manipulation leads to server-side request forgery. This vulnerability was named CVE-2024-49521. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.