Monthly Archives: October 2021

Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle

Hello everyone! This episode will be about relatively recent critical vulnerabilities. Let’s start with Microsoft Patch Tuesday for October 2021. Specifically, with a vulnerability that I expected to see there, but it didn’t get there.

Autodiscover leak discovered by Guardicore Labs

“Autodiscover, a protocol used by Microsoft Exchange for automatic configuration of clients such as Microsoft Outlook, has a design flaw that causes the protocol to “leak” web requests to Autodiscover domains outside of the user’s domain but in the same TLD (i.e. Autodiscover.com).” Guardicore Labs acquired multiple Autodiscover domains and captured 372,072 Windows domain credentials in total. It seems Microsoft has chosen to ignore this issue: no CVE, no Outlook or ActiveSync patches. The only fix is to ban the “Autodiscover.” domains on devices.
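As an added example (not from the original post or from Guardicore), one way to check whether clients are already sending requests to such domains is to scan web proxy logs for `autodiscover.` hosts that are not under your own mail domains. The log format, the `OWN_DOMAINS` values and the function names are assumptions made for this sketch.

```python
from urllib.parse import urlsplit

# Assumption: the organisation's own mail domains (hypothetical values).
OWN_DOMAINS = {"example.com", "example.org"}

# Constructed proxy log lines in an assumed format:
# "<timestamp> <client-ip> <method> <url>"
SAMPLE_LOG = """\
2021-10-14T08:01:02Z 10.0.0.15 POST https://autodiscover.example.com/Autodiscover/Autodiscover.xml
2021-10-14T08:01:03Z 10.0.0.15 POST https://autodiscover.com/Autodiscover/Autodiscover.xml
2021-10-14T08:01:09Z 10.0.0.22 GET http://Autodiscover.org./Autodiscover/Autodiscover.xml
2021-10-14T08:02:00Z 10.0.0.31 GET https://www.example.org/autodiscover-help.html
2021-10-14T08:02:05Z 10.0.0.31 POST https://autodiscover.example.org:443/Autodiscover/Autodiscover.xml
malformed line
"""


def is_leaked_autodiscover_host(host, own_domains=OWN_DOMAINS):
    """True if host is autodiscover.<suffix> and <suffix> is neither one of
    our domains nor a subdomain of one."""
    host = (host or "").lower().rstrip(".")  # normalise case and trailing dot
    label, _, suffix = host.partition(".")
    if label != "autodiscover" or not suffix:
        return False
    return not any(suffix == d or suffix.endswith("." + d) for d in own_domains)


def find_leaks(log_text, own_domains=OWN_DOMAINS):
    """Return (timestamp, client, host) for each request to a foreign
    Autodiscover host found in the log text."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed format
        ts, client, _method, url = parts
        host = urlsplit(url).hostname  # lower-cased, port removed
        if is_leaked_autodiscover_host(host, own_domains):
            hits.append((ts, client, host.rstrip(".")))
    return hits


if __name__ == "__main__":
    for ts, client, host in find_leaks(SAMPLE_LOG):
        print(f"{ts} {client} -> {host}")
```

Any hit identifies a client whose Autodiscover traffic left the organisation's domains, which is also the set of hostnames the block rule mentioned above has to cover.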

Microsoft Patch Tuesday for October 2021

74 vulnerabilities: 1 Critical, 30 High, 43 Medium.

Elevation of Privilege – Windows Kernel (CVE-2021-40449)

It is a use-after-free vulnerability in the NtGdiResetDC function of the Win32k driver. A detailed technical description is available in the Kaspersky Securelist post, but, in short, the vulnerability can lead to leakage of kernel module addresses in the computer’s memory. This vulnerability is being exploited in the wild by APT MysterySnail. All servers and desktops should be updated.


Career Navigator talk for IT Hub College

Last week I gave a “Career Navigator” talk for the students of the IT Hub College in Moscow. By the way, this college has a very interesting practical information security program. If it is relevant for you, check it out.

I’ve never talked so much about myself in public. It was like giving advice to yourself from the past. An interesting experience. It took about an hour and a half. And now I will try to mention the main points.

University

I talked about studying at the university. The fact that we go to university to gain knowledge and skills. But this is not the only reason. The university diploma makes it easier to find a job and participate in emigration programs if you ever want to. For example, this is a requirement for the European Blue Card. Networking at the university is also important.

My experience of studying at Bauman Moscow State Technical University was definitely positive. Although I believe that there could be more practical courses on Operating Systems, networking and programming. On the other hand, there could be much less mathematics. I have the best memories from the Theoretical Foundations of Information Security course and the course based on the CISSP exam.
