Jean-Jamil Khalife

**Name of the Vulnerable Software and Affected Versions** Netskope client versions prior to R100 **Description** The Netskope client service, running with NTSYSTEM privileges, accepts network connections from localhost to start various services and execute commands. A connection handling function in the service uses a relative path to download and unzip configuration files, allowing local users to write arbitrary files in a location accessible only to higher privileged users. This can be exploited by local users to execute code with NTSYSTEM privileges on the end machine. **Recommendations** For versions prior to R100, update to R100 or later to resolve the issue. As a temporary workaround, consider restricting access to the connection handling function to minimize the risk of exploitation. Avoid using the relative path for downloading and unzipping configuration files until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Microsoft Skype versions through 8.59.0.77 on macOS Description: The issue allows a local process with the user's privileges to obtain unprompted microphone and camera access. This is achieved by loading a crafted library, which enables the process to inherit Skype Client's microphone and camera access due to the disable-library-validation entitlement. Recommendations: For Microsoft Skype versions through 8.59.0.77 on macOS, consider restricting access to the microphone and camera until a fix is available. As a temporary workaround, review and restrict any library loading capabilities to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows RT Gold and 8.1 **Description** An issue exists in the Windows kernel-mode driver (win32k.sys) due to improper handling of objects in memory. This could allow an attacker to gain elevated privileges and read arbitrary amounts of kernel memory. The attacker could then install programs, view, change, or delete data, or create new accounts with full administrative rights. To exploit this issue, an attacker would first have to log on to the system and then run a specially crafted application designed to elevate privileges. **Recommendations** For Microsoft Windows Server 2003 SP2, update to a newer version to mitigate the risk. For Microsoft Windows Vista SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 7 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 8, update to a newer version to mitigate the risk. For Microsoft Windows 8.1, update to a newer version to mitigate the risk. For Microsoft Windows Server 2012 Gold and R2, update to a newer version to mitigate the risk. For Microsoft Windows RT Gold and 8.1, update to a newer version to mitigate the risk.