Tag Archives: RasMan

December Microsoft Patch Tuesday

Leave a reply

December Microsoft Patch Tuesday

December Microsoft Patch Tuesday. A total of 56 vulnerabilities were fixed – 9 fewer than in November. There is one vulnerability with confirmed in-the-wild exploitation:

🔻 EoP – Windows Cloud Files Mini Filter Driver (CVE-2025-62221)

There are currently no vulnerabilities with publicly available exploits. Among the remaining vulnerabilities, the following stand out:

🔹 RCE – Microsoft Office (CVE-2025-62554, CVE-2025-62557), Microsoft PowerShell (CVE-2025-54100), Microsoft Outlook (CVE-2025-62562), GitHub Copilot for JetBrains (CVE-2025-64671)
🔹 EoP – Windows Win32k (CVE-2025-62458), Windows Cloud Files Mini Filter Driver (CVE-2025-62454, CVE-2025-62457), Windows Common Log File System Driver (CVE-2025-62470), Windows Remote Access Connection Manager (CVE-2025-62472), Windows Storage (CVE-2025-59516)

🗒 Full Vulristics report

На русском

November “In the Trend of VM” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux

Leave a reply

November In the Trend of VM (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux

November “In the Trend of VM” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux. The usual monthly roundup. After several months, here’s a big one. 🔥

🗞 Post on Habr (rus)
🗞 Post on SecurityLab (rus)
🗒 Digest on the PT website (rus)

A total of nine vulnerabilities:

🔻 RCE – Windows Server Update Services (WSUS) (CVE-2025-59287)
🔻 RCE – Microsoft SharePoint “ToolShell” (CVE-2025-49704)
🔻 RCE – Windows LNK File (CVE-2025-9491)
🔻 EoP – Windows Remote Access Connection Manager (CVE-2025-59230)
🔻 EoP – Windows Agere Modem Driver (CVE-2025-24990)
🔻 RCE – Redis “RediShell” (CVE-2025-49844)
🔻 RCE – XWiki Platform (CVE-2025-24893)
🔻 XSS – Zimbra Collaboration (CVE-2025-27915)
🔻 EoP – Linux Kernel (CVE-2025-38001)

🟥 Trending Vulnerabilities Portal

На русском

About Elevation of Privilege – Windows Remote Access Connection Manager (CVE-2025-59230) vulnerability

Leave a reply

About Elevation of Privilege - Windows Remote Access Connection Manager (CVE-2025-59230) vulnerability

About Elevation of Privilege – Windows Remote Access Connection Manager (CVE-2025-59230) vulnerability. A vulnerability from the October Microsoft Patch Tuesday. The Windows Remote Access Connection Manager (RasMan) service is a core Windows component that manages dial-up and Virtual Private Network (VPN) connections, ensuring secure communication between a computer and remote networks. An access control flaw in the RasMan service could allow an authenticated attacker to elevate privileges to the SYSTEM level.

👾 On October 14, Microsoft reported signs of the vulnerability being exploited in the wild. On October 22, it was added to the CISA KEV catalog. No further details about the attacks have been disclosed so far.

🛠 No public exploits have been observed yet.

На русском