In the latest monthly update released on September 2017 Microsoft has claimed to have patched 81 vulnerabilities in its security update. According to the update provided by Microsoft, there are 27 vulnerabilities that have been deemed ‘critical’.
CVE-2017-8759 vulnerability that has its impact on the .NET framework is exposed to ‘Zero-day Attacks’. A successful attack would allow the attacker to gain remote access to an affected system.
A lot of software used these days is developed using the .NET framework and these software’s act as a gateway for the attackers to exploit the CVE-2017-8759 vulnerability and then gain control over the device.
Moving on with the attack, the malicious actor can also delete data, change it, view it and also install any program to the device taking the system security for a toss. On gaining access to the system the attacker could also create user accounts with elaborated user rights or full user rights. According to information security specialists, user accounts which have full user rights are the ones that are impacted the most by the CVE-2017-8759.
There are unconfirmed reports that the .NET vulnerability was detected by a well known information security company in July. The threat actors used the CVE-2017-8759 vulnerability to install FinFisher spyware on devices used by Russian speaking users. According to reports revealed by the company, the attackers used the CVE-2017-8759 flaw to gain access to the affected system and then infect it with FinFisher spyware in the month of July.
However, this is not the only incident that involved the FinFisher spyware. According to researchers, governments have used them way back in 2012 and before that as well. According to an article written by a infosec writer Fahmida Y. Rashid in 2012, there were signs of FinFisher spyware used in ten countries including Australia, Czech Republic, United Arab Emirates, Ethiopia, Estonia, Indonesia, Latvia, Mongolia, Qatar, and the United States, Guarnieri and Bahrain.
Some of the other, major vulnerabilities patched by the software giant Microsoft are CVE-2017-8628 Microsoft Bluetooth Driver Spoofing Vulnerability, CVE-2017-0161 NetBIOS Remote Code Execution Vulnerability, and CVE-2017-9417 Broadcom BCM43xx allows Remote Code Execution
Click here to view the Microsoft Security Guidance Advisory describing the .NET Framework Remote Code Execution Vulnerability.
Don’t leave yourself exposed. Find your vulnerabilities before cybercriminals do. Contact us for Vulnerability Assessment and Penetration Testing.