Microsoft rolled out security patches for vulnerabilities in windows. The patch addressed one of the critical vulnerabilities: the vulnerability was widely targeted by attackers who could use it for remorse code execution for gaining control over vulnerable systems. Out of 71 windows vulnerabilities, 2 are critical, 68 are important, and 1 is low risk.
Code similarity and re-use of C2 [command-and-control] infrastructure we discovered allowed us to connect these attacks with the actor known as IronHusky and Chinese-speaking APT activity dating back to 2012,” Kaspersky researchers Boris Larin and Costin Raiu said in a technical write-up, with the infection chains leading to the deployment of a remote access trojan capable of collecting and exfiltrating system information from compromised hosts before reaching out to its C2 server for further instructions.
Patch also takes care of newly found flaws in the print spooler component. The component is related to an information divulging bug and a spoofing vulnerability.
A spoofing vulnerability usually indicates that an attacker can impersonate or identify as another user,” security researcher Ollypwn noted in a Twitter thread. “In this case, it looks like an attacker can abuse the Spooler service to upload arbitrary files to other servers.”