News for Admins

Tech News

Microsoft Can't Catch a Break from Vulnerabilities

Microsoft Windows continues to be plagued by vulnerabilities, while Linux and macOS are enjoying calmer waters. A week ahead of Christmas, Microsoft is patching 39 vulnerabilities in Windows. Out of these, 10 are critical and one is a publicly known zero-day security hole. According to Kaspersky Lab, "This is the third consecutive exploited Local Privilege Escalation vulnerability in Windows we discovered this autumn using our technologies."

Kaspersky Lab said that unlike the previously reported vulnerabilities in win32k.sys, this one is a dangerous threat – a vulnerability in the Kernel Transaction Manager driver. "It can also be used to escape the sandbox in modern web browsers, including Chrome and Edge, since syscall filtering mitigations do not apply to ntoskrnl.exe system calls," said Kaspersky.

Kaspersky Lab believes that this exploit is used by bad actors, including FruityArmor and SandCat.

Despite Microsoft's efforts, Windows remains its Achilles heel, and it's not just vulnerabilities in the OS. At times, Windows updates also break systems, including deleting user data.

Hacks Abound

2018 is ending with some major hacks. Marriott International, one of the world's biggest hotel chains, announced that hackers compromised the reservation database of Starwood hotels. Hackers managed to steal personal details of about 500 million guests. According to The Hacker News, "The breach of Starwood properties has been happening since 2014 after an unauthorized party managed to gain unauthorized access to the Starwood's guest reservation database and had copied and encrypted the information."

The second victim of a major hack is Quora, a user-driven question-and-answer site. According to reports, hackers gained access to sensitive information of over 100 million users. The Hacker News wrote that the stolen data includes sensitive account information, such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter.

The third major hack was on Dell. The company said that it detected and disrupted unauthorized activity on its network attempting to extract customer information, which was limited to names, email addresses and hashed passwords. "Additionally, Dell cybersecurity measures are in place to limit the impact of any potential exposure. These measures include the hashing of our customers' passwords and a mandatory password reset. Credit card and other sensitive customer information was not targeted. The incident did not impact any Dell products or services," Dell said in a blog post.

Even though Dell was not certain whether any data was stolen, the company pushed a password reset for all users as a precaution.
