Talos discovers 11 vulnerabilities between Microsoft, Adobe software disclosed on Patch Tuesday

Cisco Talos’ Vulnerability Research team recently discovered 11 vulnerabilities in Microsoft Windows CLIPSP.SYS and Adobe Acrobat Reader that were all disclosed this week as part of the company’s regular security updates.

For more on Patch Tuesday, check out Talos’ blog post here.

Eight of the vulnerabilities affect the license update feature for CLIPSP.SYS, a driver used to implement Client License System Policy on Windows 10 and 11. The three others are use-after-free or out-of-bounds read vulnerabilities in Adobe Acrobat Reader, one of the most popular PDF readers on the market currently.

Microsoft and Adobe have patched the issues mentioned in this blog post, all in adherence to Cisco’s third-party vulnerability disclosure policy, while LevelOne has declined to release a fix.

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org. Our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.

Multiple vulnerabilities in Windows CLIPSP.SYS

Discovered by Philippe Laulheret.

CLIPSP.SYS is a driver in Windows 10 and 11 that implements the Client License System Policy. An adversary can exploit the process of updating this license in several different ways.

Talos discovered three issues, TALOS-2024-1971 (CVE-2024-38062) and TALOS-2024-1970 (CVE-2024-38062) and