Microsoft fixes its zero-day, a new Python vulnerability, and a bootkit for conducting covert cyberespionage. New cyberthreats are discovered every day, and we bring you the top 3 for the 3rd week of October 2021.
Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws
October’s Patch Tuesday includes fixes for four zero-day vulnerabilities, including a Win32k Elevation of Privilege vulnerability known to have been actively exploited in attacks.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The actively exploited vulnerability was discovered by Kaspersky’s Boris Larin (oct0xor) and allows malware or a threat actor to gain elevated privileges on a Windows device.
Microsoft also fixed three other publicly disclosed vulnerabilities that are not known to be exploited in attacks.
New UEFI Bootkit Performs Espionage
A new bootkit has been discovered that performs cyberespionage and compromises system partitions. Dubbed ESPecter, the bootkit is believed to have been active since 2012.
Various UEFI firmware vulnerabilities have enabled attackers to disable Secure Boot. Because of these vulnerabilities, most legacy systems are at greater risk from bootkits such as ESPecter, so always apply security patches quickly.
PyPI removes ‘mitmproxy2’ over code execution concerns
The PyPI repository has removed a Python package called ‘mitmproxy2’ that was an identical copy of the official ‘mitmproxy’ library, but with an “artificially introduced” code execution vulnerability.
The official ‘mitmproxy’ Python library is a free and open-source interactive HTTPS proxy with over 40,000 weekly downloads.