Tag Archives: RCE

August 2023: GitHub PoCs, Vulristics, Qualys First-Party, Tenable ExposureAI, SC Awards and Rapid7, Anglo-Saxon list, MS Patch Tuesday, WinRAR, Juniper

Hello everyone! This month I decided NOT to make an episode completely dedicated to Microsoft Patch Tuesday. Instead, this episode will be an answer to the question of how my Vulnerability Management month went. A retrospection of some kind.

Alternative video link (for Russia): https://vk.com/video-149273431_456239134

GitHub exploits and Vulristics

This month I made some improvements to my Vulristics vulnerability prioritization tool. These changes relate to the use of exploit data on Github. We all know that exploits are often posted on GitHub. But how adequate is this source in order to evaluate the exploitability?

Continue reading

Microsoft Patch Tuesday July 2023: Vulristics improvements, Office RCE, SFB SmartScreen and Outlook, EoP MSHTML and ERS, other RCEs

Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239131

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities.

Vulristics improvements

I optimized the detection of the vulnerable product and the type of vulnerability based on the description. Now processing already downloaded data (with option --rewrite-flag "False") takes a few seconds. For example, only ~3 seconds for 100 MS Patch Tuesday vulnerabilities . It used to take a few minutes.

What I’ve done:

  1. For Microsoft generated descriptions, e.g. “Microsoft Excel Remote Code Execution Vulnerability”, vulnerability type and product are now directly parsed out of the description, keyword search is not performed.
  2. I rewrote the generic keyword search based on products.json. I have reduced the use of heavy functions without sacrificing the quality of the detections.
Continue reading

Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239127

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews. This time there were only 3 vulnerabilities used in attacks or with a public exploit. And only one of them is more or less relevant.

Continue reading

Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2023, including vulnerabilities that were added between April and May Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239126

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews.

It’s been a long time since we’ve had such tiny Patch Tuesday. 57 CVEs, including CVEs appeared during the month. And only 38 without them! 😄

Continue reading

Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2023, including vulnerabilities that were added between March and April Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239123

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews. And this is the first Patch Tuesday report since I added EPSS support to Vulristics. 😉

Compared to March, Microsoft Patch Tuesday for April 2023 is kind of weak. 🙄

Continue reading

Microsoft Patch Tuesday March 2023: Outlook EoP, MOTW Bypass, Excel DoS, HTTP/3 RCE, ICMP RCE, RPC RCE

Hello everyone! This episode will be about Microsoft Patch Tuesday for March 2023, including vulnerabilities that were added between February and March Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239119

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews.

Microsoft Patch Tuesday for March 2023 was quite refreshing. 😈

Continue reading

Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2023, including vulnerabilities that were added between January and February Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239118

This month I decided to change the format a bit. Now I share my impression of Microsoft Patch Tuesday on the same Patch Tuesday day in my main telegram channel avleonovcom and my second russian telegram channel avleonovrus. You can also find a draft of the Vulristics report there. So please subscribe. And the full blog post/video is published with a delay. And, in fact, this is it.

As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Tenable, Rapid7, ZDI Patch Tuesday reviews.

Continue reading