Andreas Klopsch

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to a Proxy Driver Spoofing Vulnerability, which is associated with errors in access restriction. Exploitation of this issue may allow an attacker to execute arbitrary code by substituting the proxy server driver. The vulnerability is linked to the substitution of a proxy server driver signed with a valid Microsoft Hardware Publisher certificate. There have been reports of active exploitation of this vulnerability. A malicious file, disguised as "Catalog Authentication Client Service" by "Catalog Thales", was distributed, attempting to impersonate Thales Group. This file was previously bundled with marketing software called LaiXi Android Screen Mirroring. Microsoft has added the malicious file to the certificate revocation list. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Radeon Software Crimson ReLive Edition (affected versions not specified) **Description** A potential issue was reported in Radeon Software Crimson ReLive Edition that may allow escalation of privilege. This software falls outside of the security support lifecycle, and the manufacturer does not plan to release any mitigations. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.