Adam Baldwin

**Name of the Vulnerable Software and Affected Versions** Visual Studio Code (affected versions not specified) Microsoft Defender (affected versions not specified) **Description** Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. Additionally, a flaw known as RoguePlanet targets Microsoft Defender, enabling attackers to remotely disable or bypass this security layer before deploying secondary payloads. This issue is being actively exploited in the wild, allowing threat actors to operate undetected on Windows endpoints by neutralizing the primary defense mechanism. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Visual Studio Code versions prior to 1.123.1 **Description** Exposure of sensitive information to an unauthorized actor allows an attacker to disclose information over a network. **Recommendations** Update to version 1.123.1 or later.

**Name of the Vulnerable Software and Affected Versions** osTicket versions prior to 1.6 RC5 **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `staff username` parameter in the include/class.staff.php file. **Recommendations** For versions prior to 1.6 RC5, update to version 1.6 RC5 or later to resolve the issue. As a temporary workaround, consider restricting access to the include/class.staff.php file to minimize the risk of exploitation. Avoid using the `staff username` parameter in vulnerable instances until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Simpliciti Locked Browser (affected versions not specified) **Description** The issue allows local users to perform unauthorized actions by exploiting a weakness in the browser's limitation of user actions. This can be achieved by visiting a web site that executes a JavaScript `window.blur` loop to remove focus from the browser window, and then pressing CTRL-SHIFT-ESC to invoke the Task Manager. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Desktop Rover versions 3.0 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash, by sending a crafted packet to TCP port 61427. This action causes an invalid memory access. **Recommendations** For versions 3.0 and earlier, as a temporary workaround, consider restricting access to TCP port 61427 until a patch is available.