Thomas Imbert

**Name of the Vulnerable Software and Affected Versions** NT OS Kernel (affected versions not specified) **Description** The issue is related to an elevation-of-privilege vulnerability in the NT OS Kernel, which can be exploited by attackers to affect the system. It is associated with the dereference of an untrusted pointer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Streaming Service versions prior to the fixed version **Description** The issue allows attackers to gain System privileges on a vulnerable machine. It is an elevation-of-privilege vulnerability that affects the system. The vulnerability is related to an untrusted pointer dereference in the mskssrv.sys driver. It has been actively exploited and was demonstrated at the Pwn2Own contest. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. **Recommendations** As a temporary workaround, consider disabling the `mskssrv.sys` driver until a patch is available. Update Windows to the latest version. Use a firewall and configure it to only allow trusted connections. Use a VPN with a reliable reputation. Keep track of cybersecurity news and do not use the same password for different sites. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Lexmark devices (affected versions not specified) **Description** The issue is related to an embedded web server command injection vulnerability. This vulnerability was identified in Lexmark devices through 2021-12-07. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Lexmark devices (affected versions not specified) **Description** The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the "out of service erase" feature. This issue may be related to an unprotected API, potentially leading to remote code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 73 Firefox ESR versions prior to 68.5 **Description** The issue is related to a buffer overflow, allowing a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. A content process could modify shared memory, leading to an out-of-bounds write, memory corruption, and a potentially exploitable crash. **Recommendations** For Firefox versions prior to 73, update to version 73 or later to resolve the issue. For Firefox ESR versions prior to 68.5, update to version 68.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox ESR versions prior to 68.4 Firefox versions prior to 72 **Description** A race condition occurs during the initialization of a new content process, potentially allowing a content process to disclose heap addresses from the parent process. This issue is specific to Windows and does not affect other operating systems. The vulnerability is related to synchronization errors when using shared resources, which could allow a remote attacker to disclose protected information. **Recommendations** For Firefox ESR versions prior to 68.4, update to version 68.4 or later. For Firefox versions prior to 72, update to version 72 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox ESR versions prior to 68.4 Firefox versions prior to 72 **Description** The issue is related to a memory corruption problem that can occur during the initialization of a new content process, potentially leading to a crash in the parent process. This problem is specific to Windows and does not affect other operating systems. The vulnerability is also described as a buffer overflow issue that could allow a remote attacker to execute arbitrary code. **Recommendations** For Firefox ESR versions prior to 68.4, update to version 68.4 or later. For Firefox versions prior to 72, update to version 72 or later.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability that occurs when the Windows kernel fails to properly handle objects in memory. This vulnerability can be exploited by an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 60.7 Firefox versions prior to 67 Firefox ESR versions prior to 60.7 **Description** A race condition in the crash generation server can lead to a use-after-free in the main process, potentially causing an exploitable crash and a sandbox escape. This issue affects Windows operating systems exclusively, with other operating systems being unaffected. **Recommendations** For Thunderbird versions prior to 60.7, update to version 60.7 or later. For Firefox versions prior to 67, update to version 67 or later. For Firefox ESR versions prior to 60.7, update to version 60.7 or later.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue exists due to improper handling of objects in memory by a component of the Windows operating system, specifically related to DirectX. This can allow an attacker to elevate their privileges and execute arbitrary code in kernel mode using a specially crafted application. An elevation-of-privilege issue allows attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** systemd versions 223 through 235 **Description** The issue allows a remote DNS server to respond with a custom crafted DNS NSEC resource record, triggering an infinite loop in the `dns packet read type window()` function of the 'systemd-resolved' service. This can cause a denial of service (DoS) of the affected service. **Recommendations** For versions 223 through 235, as a temporary workaround, consider disabling the `dns packet read type window()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.