A tumultuous start to September. Google, Adobe, Mozilla, and Microsoft have patched various zero-day attack vectors in software, ranging from Chrome, Acrobat Reader, Firefox, Thunderbird, Windows, to Word. Some of these vulnerabilities are already being actively exploited, while others appear to have been proactively addressed.
With the fourth quarter on the horizon, historical trends show an increase in activity and accompanying digital criminality. At the top of the list, spam emails with infected attachments still reign. If such an attachment is opened on a vulnerable computer, criminals can gain access, often even at a later time. Their goal is typically to steal or ransom data.
Widely used software fortified
It's reassuring that Adobe has released security updates for an actively exploited zero-day vulnerability in Acrobat and Reader (CVE-2023-26369), allowing an attacker to execute arbitrary code on the system through a malicious PDF file.
Additionally, Mozilla has addressed a zero-day vulnerability that was used to target Google Chrome users, which also affected Firefox and Thunderbird. This vulnerability, designated CVE-2023-4863, was found in the WebP library developed by Google as a successor to JPG, GIF, and PNG image formats.
Microsoft has resolved a staggering 59 vulnerabilities, with notable ones being CVE-2023-36761 related to NTLM hashes and CVE-2023-36802 in a streaming proxy service. Microsoft has also addressed vulnerabilities discovered by Dutch researchers Thijs Alkemade, Khaled Nassar, and Daan Keuper. This security flaw in Windows Themes allows an attacker to execute arbitrary code when the victim opens a malicious Windows Themes file. Microsoft's updates will be automatically installed for most home users, as usual.
Vulnerable Dutch election software
Speaking of Dutch experts, the work of Maarten Boone, who recently discovered a vulnerability in election software within an hour, must not go unmentioned. He found that the vendor's login credentials were present in the installation software, granting him access to the vendor's infrastructure, including the portion housing the vote-counting software. Thanks to his efforts, this vulnerability will no longer exist in the upcoming Dutch parliamentary elections on November 22.
Support for Dutch information security
For Dutch information security researchers, there's more good news. The government and the European Commission, through CIF-NL, have allocated €930,000 for the development of Dutch cybersecurity projects. This primarily targets SMEs and independent researchers, who can apply for project funding ranging from €25,000 to €75,000. This financial support is intended to assist existing projects, such as retaining personnel, staff training, and technological developments to enable secure and privacy-friendly data sharing, even when these solutions require scaling up.
While information security is crucial year-round, with the last quarter approaching, it's never a bad time to once again emphasize the importance of digital security. Ensure your software is up-to-date, use security solutions, but above all, remain vigilant and critical, especially when receiving a suspicious email.