Unit 42 Discovers 15 New Vulnerabilities Across Microsoft, Adobe and Apple Products

Executive Summary

Unit 42 researchers have been credited with discovering 15 new vulnerabilities addressed by the Microsoft Security Response Center (MSRC), Adobe Security Bulletin and Apple Security Updates, as part of the last quarter of security update releases.

Vulnerabilities

Of the 15 new vulnerabilities credited to Unit 42 researchers, 10 come from Microsoft with severity ratings from low to important. The four Adobe Reader DC vulnerabilities are all critical bugs that allow remote code execution (RCE). Lastly, there is an Apple cross-site scripting (XSS) vulnerability that could also lead to arbitrary RCE in the context of the currently logged-in user.

The Unit 42 researchers credited are Tao Yan, Zhibin Zhang, Bo Qu, Ronen Haber and Ken Hsu.

The recently discovered vulnerabilities are listed in Table 1 below:

| Vendor | CVE | Description | Type | Researcher(s) |
|---|---|---|---|---|
| Microsoft | CVE-2020-16876 | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability | Privilege Escalation | Tao Yan |
| Microsoft | CVE-2020-16895 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Privilege Escalation | Tao Yan |
| Microsoft | CVE-2020-16924 | Jet Database Engine Remote Code Execution Vulnerability | Remote Code Execution | Zhibin Zhang |
| Microsoft | CVE-2020-17007 | Windows Error Reporting Elevation of Privilege Vulnerability | Privilege Escalation | Tao Yan |
| Microsoft | CVE-2020-17046 | Windows Error Reporting Denial of Service Vulnerability | Denial of Service | Tao Yan |
| Microsoft | CVE-2020-17062 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Remote Code Execution | Zhibin Zhang |
| Microsoft | CVE-2020-17094 | Windows Error Reporting Information Disclosure Vulnerability | Information Disclosure | Tao Yan, Bo Qu |
| Microsoft | CVE-2020-17138 | Windows Error Reporting Information Disclosure Vulnerability | Information Disclosure | Tao Yan |
| Apple | CVE-2020-10012 | Quick Look Cross Site Scripting Vulnerability | Cross Site Script | Bo Qu |
| Microsoft | CVE-2021-1703 | Windows Event Logging Service Elevation of Privilege Vulnerability | Privilege Escalation | Ronen Haber |
| Microsoft | CVE-2021-1711 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | Tao Yan, Bo Qu |
| Adobe | CVE-2021-21058 | Adobe Reader DC Memory Corruption Vulnerability | Remote Code Execution | Ken Hsu |
| Adobe | CVE-2021-21059 | Adobe Reader DC Memory Corruption Vulnerability | Remote Code Execution | Ken Hsu |
| Adobe | CVE-2021-21062 | Adobe Reader DC Memory Corruption Vulnerability | Remote Code Execution | Ken Hsu, Bo Qu |
| Adobe | CVE-2021-21063 | Adobe Reader DC Memory Corruption Vulnerability | Remote Code Execution | Ken Hsu, Zhibin Zhang |

Table 1. List of vulnerabilities.

Specifically, the patch for CVE-2021-1711 addresses a new type of security issue that Unit 42 researchers discovered. Tao Yan, Qi Deng and Bo Qu will share more technical details at Black Hat Asia 2021.

Conclusion

Palo Alto Networks Next-Generation Firewall customers deploying a Threat Prevention security subscription, which includes capabilities such as vulnerability protection with an intrusion prevention system (IPS), are protected from zero-day vulnerabilities such as these. The WildFire security subscription provides our customers with comprehensive protection and automatic updates against previously unknown threats.

Weaponized exploits for these vulnerabilities are prevented by Cortex XDR’s multi-layered exploit prevention capabilities.

Palo Alto Networks is a regular contributor to vulnerability research in Microsoft, Adobe, Apple, Google Android and other ecosystems, with more than 300 critical vulnerabilities discovered. Our researchers give regular talks at security conferences such as Black Hat, Blue Hat and REcon.

By proactively identifying these vulnerabilities, developing protections for our customers and sharing the information with the security community, we are removing weapons used by attackers to threaten users and compromise enterprise, government and service provider networks.

Source: https://unit42.paloaltonetworks.com/15-new-vulnerabilities/?web_view=true
