Jonathan Birch

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** An issue in the `MapUrlToZone` function within Windows allows an unauthorized attacker to bypass a security feature over a network. The problem stems from an improper resolution of path equivalence. This could allow a remote attacker to circumvent existing security mechanisms. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

The affected software is Microsoft Update Catalog, which has a critical issue related to the deserialization of untrusted data. This allows an unauthorized attacker to elevate privileges on the website's webserver. Although no specific versions of the software are mentioned as being affected, Microsoft has taken action to patch the issue. An exploit is available, and more information can be found at the provided links. The issue is related to privilege escalation and can be exploited by an unauthorized attacker. The severity of this issue is increased, and it's related to the deserialization of untrusted data in Microsoft Update Catalog. Microsoft acted fast to patch the issue. #MicrosoftUpdateCatalog #PrivilegeEscalation #Deserialization #Cybersecurity #ServerSideSecurity #CyberPatch #Microsoft

**Name of the Vulnerable Software and Affected Versions** Privileged Identity (affected versions not specified) **Description** A medium severity issue has been identified within Privileged Identity, allowing an attacker to perform reflected cross-site scripting attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MongoDB .NET/C# Driver versions prior to and including v2.18.0 **Description** Under very specific circumstances, a privileged user is able to cause arbitrary code to be executed, which may cause further disruption to services. This issue is specific to applications written in C#. The vulnerability requires certain conditions to be met, including the application being written in C#, running on a Windows host using the full .NET Framework, having a domain model class with a property or field of type System.Object, and the malicious attacker having unrestricted insert access to the target database. **Recommendations** For MongoDB .NET/C# Driver versions prior to and including v2.18.0, update to a version later than v2.18.0 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable application and ensuring that all user input is properly validated to minimize the risk of exploitation. Avoid using the `System.Object` type in domain model classes and ensure that all data serialization is properly validated. Restrict insert access to the target database to prevent malicious attackers from adding a t discriminator.

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint (affected versions not specified) Description: A remote code execution issue exists in Microsoft SharePoint due to the software's failure to properly check the source markup of an application package. This could allow a remote attacker to execute arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation requires a user to upload a specially crafted SharePoint application package to an affected version of SharePoint. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Java SE versions 7u221, 8u212, 11.0.3, and 12.0.1 Java SE Embedded version 8u211 **Description** The issue is related to inadequate access control in the Networking component of Java SE and Java SE Embedded, which can be exploited by an unauthenticated attacker with network access via multiple protocols to compromise Java SE and Java SE Embedded. This can result in unauthorized update, insert, or delete access to some of Java SE and Java SE Embedded accessible data, as well as unauthorized read access to a subset of Java SE and Java SE Embedded accessible data. The vulnerability applies to Java deployments that load and run untrusted code and rely on the Java sandbox for security. It can also be exploited by using APIs in the specified component. **Recommendations** For Java SE versions 7u221, 8u212, 11.0.3, and 12.0.1, update to a version that includes the fix for this issue. For Java SE Embedded version 8u211, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Networking component until a patch is available. Avoid using APIs in the specified component until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Python (affected versions not specified) **Description** The issue is related to errors in handling registration data in the urllib.parse.urlsplit and urllib.parse.urlparse functions of the Python programming language interpreter. Exploitation of this issue may allow an attacker to disclose protected information, read or write arbitrary data, or cause a denial of service. The exploitation enables a remote attacker to access confidential data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft browsers (affected versions not specified) **Description** A spoofing issue arises from Microsoft browsers' improper handling of specific redirects. This could allow a remote attacker to redirect a user to a malicious site using a specially crafted web page, potentially tricking the user into believing they are on a legitimate website. The crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Visual Studio versions (affected versions not specified) Microsoft .NET Framework versions (affected versions not specified) Microsoft .NET Core versions (affected versions not specified) Microsoft PowerShell versions (affected versions not specified) **Description** The issue is related to errors in the representation of information by the user interface, allowing a remote attacker to conduct spoofing attacks. It is also associated with the way certain .Net Framework API's and Visual Studio parse URL's, enabling attackers to bypass security logic that checks the ownership of user-provided URLs to specific nodes or subdomains, and establish a privileged connection to an untrusted service as if it were trusted. **Recommendations** For Microsoft Visual Studio, update to a version that includes a fix for this issue. For Microsoft .NET Framework, update to a version that includes a fix for this issue. For Microsoft .NET Core, update to a version that includes a fix for this issue. For Microsoft PowerShell, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Outlook (affected versions not specified) Microsoft Word (affected versions not specified) Microsoft Office (affected versions not specified) **Description** A tampering issue exists due to improper handling of specific attachment types when rendering HTML emails. An attacker could exploit this by sending a specially crafted email and attachment to a victim, or by hosting a malicious .eml file on a web server. Successful exploitation could allow embedding untrusted TrueType fonts in an email, potentially leading to further system compromise when combined with other exploits. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Outlook (affected versions not specified) **Description** An elevation of privilege issue exists due to improper validation of attachment headers in Microsoft Outlook. This allows an attacker to send emails with hidden attachments that can be opened or executed when a victim clicks a link within the email. The attack does not bypass existing attachment filters, so blocked attachments are still excluded. Exploitation involves sending a specially crafted email to a victim, who must then click on a link to trigger the opening or execution of a malicious attachment. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Excel versions 2007 Service Pack 3 through 2016 Microsoft Office Compatibility Pack version Service Pack 3 Microsoft Excel Viewer version 2007 Service Pack 3 Microsoft Excel 2016 for Mac **Description** A security feature bypass issue exists in Microsoft Office software, specifically in how macro settings are enforced on Excel documents. This bypass does not directly allow arbitrary code execution but requires an attacker to embed a control in an Excel worksheet that specifies a macro should be run. To exploit this, an attacker must convince a user to open a specially crafted file with an affected version of Microsoft Office software. **Recommendations** For Microsoft Excel 2007 Service Pack 3, consider disabling macro execution until a patch is available. For Microsoft Excel 2010 Service Pack 2, restrict access to macros in Excel documents to minimize the risk of exploitation. For Microsoft Excel 2013 Service Pack 1 and Microsoft Excel 2013 RT Service Pack 1, avoid using macros in Excel worksheets until the issue is resolved. For Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac, apply configuration changes to enforce macro settings on Excel documents as a temporary workaround.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 54 Firefox ESR versions prior to 52.2 Thunderbird versions prior to 52.2 **Description** A security issue was found where the "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. This results in the security warning that Windows displays before running executables downloaded from the Internet not being shown. The issue only affects Windows operating systems. **Recommendations** For Firefox versions prior to 54, update to version 54 or later to resolve the issue. For Firefox ESR versions prior to 52.2, update to version 52.2 or later to resolve the issue. For Thunderbird versions prior to 52.2, update to version 52.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 55.0.2883.75 Opera versions prior to 55.0.2883.75 **Description** The issue is related to the mishandling of downloaded files, allowing a remote attacker to prevent the downloaded file from receiving the Mark of the Web. This can be achieved via a crafted HTML page. The exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Google Chrome versions prior to 55.0.2883.75, update to version 55.0.2883.75 or later. For Opera versions prior to 55.0.2883.75, update to version 55.0.2883.75 or later. As a temporary workaround, consider restricting the use of downloaded files from untrusted sources until a patch is available.