Category Archives: Vulristics

Microsoft Patch Tuesday March 2023: Outlook EoP, MOTW Bypass, Excel DoS, HTTP/3 RCE, ICMP RCE, RPC RCE

Hello everyone! This episode will be about Microsoft Patch Tuesday for March 2023, including vulnerabilities that were added between February and March Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239119

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews.

Microsoft Patch Tuesday for March 2023 was quite refreshing. 😈

Continue reading

Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2023, including vulnerabilities that were added between January and February Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239118

This month I decided to change the format a bit. Now I share my impression of Microsoft Patch Tuesday on the same Patch Tuesday day in my main telegram channel avleonovcom and my second russian telegram channel avleonovrus. You can also find a draft of the Vulristics report there. So please subscribe. And the full blog post/video is published with a delay. And, in fact, this is it.

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews.

Continue reading

Microsoft Patch Tuesday January 2023: ALPC EoP, Win Backup EoP, LocalPotato, Exchange, Remote RCEs

Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2023, including vulnerabilities that were added between December and January Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239115

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Nessus, Rapid7 and ZDI Patch Tuesday reviews.

Continue reading

Microsoft Patch Tuesday December 2022: SPNEGO RCE, Mark of the Web Bypass, Edge Memory Corruptions

Hello everyone! This episode will be about Microsoft Patch Tuesday for December 2022, including vulnerabilities that were added between November and December Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities.

Alternative video link (for Russia): https://vk.com/video-149273431_456239112

But let’s start with an older vulnerability. This will be another example why vulnerability prioritization is a tricky thing and you should patch everything. In the September Microsoft Patch Tuesday there was a vulnerability Information Disclosure – SPNEGO Extended Negotiation (NEGOEX) Security Mechanism (CVE-2022-37958), which was completely unnoticed by everyone. Not a single VM vendor paid attention to it in their reviews. I didn’t pay attention either.

Continue reading

Microsoft Patch Tuesday November 2022: Exchange ProxyNotShell RCE, JScript9, MoTW, OpenSSL, Edge, CNG, Print Spooler

Hello everyone! This episode will be about Microsoft Patch Tuesday for November 2022, including vulnerabilities that were added between October and November Patch Tuesdays. As usual, I use my open source Vulristics project to create the report.

Alternative video link (for Russia): https://vk.com/video-149273431_456239107

The most important news of this Patch Tuesday was a release of patches for ProxyNotShell Remote Code Execution – Microsoft Exchange (CVE-2022-41040, CVE-2022-41082) mentioned in the previous episode. These vulnerabilities became public on September 28, and updates for this vulnerability did not appear until November 8. Microsoft could have acted more quickly. But it’s good that the problem with these actively exploited vulnerabilities is finally solved.

But besides ProxyNotShell, this November Patch Tuesday had a lot of interesting vulnerabilities. Let’s take a look.

Continue reading

Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source Vulristics project to create the report.

Alternative video link (for Russia): https://vk.com/video-149273431_456239106

Continue reading

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory (CSA) AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics.

Alternative video link (for Russia): https://vk.com/video-149273431_456239105

Americans can’t just release a list of “20 vulnerabilities most commonly exploited in attacks on American organizations.” They like to add geopolitics and point the finger at some country. Therefore, I leave the attack attribution mentioned in the advisory title without comment.

Continue reading