Why you should patch the Windows QueueJumper vulnerability immediately

Read Time:38 Second

Microsoft patched over 100 vulnerabilities this week in its products, including a zero-day privilege escalation flaw used in the wild by a ransomware gang. However, another critical vulnerability that can be easily exploited to take over Windows systems remotely over local networks and the internet is likely to be of more interest to attackers and see widespread exploitation in the future.

Dubbed QueueJumper and tracked as CVE-2023-21554, the flaw was discovered by researchers from security firm Check Point Software Technologies and is rated 9.8 out of 10 on the CVSS severity scale. Microsoft’s own advisory lists the attack complexity as low and the exploitability assessment as more likely. The impact is remote code execution.

To read this article in full, please click here

Space Bears ransomware: what you need to know

Zero-Day Vulnerability in Ivanti VPN

Fancy Product Designer Plugin Flaws Expose WordPress Sites

Japan Faces Prolonged Cyber-Attacks Linked to China’s MirrorFace

PowerSchool Reportedly Pays Ransom to Prevent Student Data Leak

EU Commission Liable for Breaching EU’s Own Data Protection Rules

United Nations aviation agency hacked, recruitment database plundered

Government Launches £1.9m Initiative to Boost UK’s Cyber Resilience

Critical Ivanti Zero-Day Exploited in the Wild