Geek Feed

New Windows SmartScreen bypass exploited as zero-day since March

August 14, 2024August 14, 2024 geekfeed0Tagged Actively Exploited, malware, Mark of the Web, microsoft, Phemedrone, SmartScreen, SmartScreen bypass, SmartScreen exploit, windows, Windows Smart App Control, Windows SmartScreen, Zero-Day

Today, Microsoft revealed that a Mark of the Web security bypass vulnerability exploited by attackers as a zero-day to bypass SmartScreen protection was patched during the June 2024 Patch Tuesday. SmartScreen is a security feature introduced with Windows 8 that protects users against potentially malicious software when opening downloaded files tagged with a Mark of […]

3 mins read

Windows Smart App Control, SmartScreen bypass exploited since 2018

August 6, 2024August 6, 2024 geekfeed0Tagged bypass, exploit, microsoft, Smart App Control, SmartScreen, windows, windows 11

A design flaw in Windows Smart App Control and SmartScreen that enables attackers to launch programs without triggering security warnings has been under exploitation since at least 2018. Smart App Control is a reputation-based security feature that uses Microsoft’s app intelligence services for safety predictions and Windows’ code integrity features to identify and block untrusted (unsigned) […]

3 mins read

Windows vulnerability abused braille “spaces” in zero-day attacks

September 16, 2024September 16, 2024 geekfeed0Tagged 0day, CVE-2024-43461, HTA, microsoft, Void Banshee, windows, Windows vulnerability, Zero-Day

A recently fixed “Windows MSHTML spoofing vulnerability” tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. When first disclosed as part of the September 2024 Patch Tuesday, Microsoft had not marked the vulnerability as previously exploited. However, on Friday, Microsoft updated the CVE-2024-43461 advisory to indicate it […]

4 mins read

Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited

August 14, 2024August 14, 2024 geekfeed0Tagged Actively Exploited, microsoft, Patch Tuesday, Security Update, vulnerability, windows, windows update, Zero-Day

Today is Microsoft’s August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day. This Patch Tuesday fixed eight critical vulnerabilities, which were a mixture of elevation of privileges, remote code execution, and […]

15 mins read

Microsoft discloses unpatched Office flaw that exposes NTLM hashes

August 11, 2024August 11, 2024 geekfeed0Tagged microsoft, Microsoft 365, Microsoft Office, NTLM, Office 2016, Office 2019, Office LTSC 2021, phishing, vulnerability

Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. Tracked as CVE-2024-38200, this security flaw is caused by an information disclosure weakness that enables unauthorized actors to access protected information. It impacts multiple 32-bit and 64-bit Office versions, including Office 2016, Office 2019, Office LTSC 2021, and […]

4 mins read

XP-AntiSpy returns to Windows 11 as XD-AntiSpy

July 6, 2024July 6, 2024 geekfeed0Tagged microsoft, windows, windows 11, windows 11m, XD-AntiSpy, XP-AntiSpy

A very popular system tweaker back in the Windows XP days, XP-AntiSpy was around for a decade and can still be used on Windows 2000, XP, Vista, and 7. While its last beta release surfaced in 2015 and can be considered a dead project, this piece of code is now back for Windows 11 users […]

2 mins read