Jump to the main content block
:::
:::
  1. Home
  2. Hot news

【Security】Microsoft Windows, Google Chrome, Microsoft Edge and other software have high-risk security vulnerabilities. Colleagues are requested to confirm and update or patch as soon as possible.

Hello everyone:

Microsoft Windows, Google Chrome, Microsoft Edge and other software have high-risk security vulnerabilities. Colleagues are requested to confirm and update or patch as soon as possible.

1. Microsoft Windows has a high-risk security vulnerability (CVE-2024-21338)
   ● Researchers discovered that the AppLocker security function of the Microsoft Windows operating system has a local privilege escalation vulnerability (CVE-2024-21338), which allows local attackers who have completed authentication to use this vulnerability to escalate system privileges. This vulnerability has been exploited by hackers, please confirm and patch it as soon as possible.

2. There are security vulnerabilities in browsers such as Google Chrome, Microsoft Edge, Brave, Opera and Vivaldi (CVE-2024-0519)
   ● Researchers have discovered that browsers such as Google Chrome, Microsoft Edge, Brave, Opera and Vivaldi have an out-of-bounds memory access vulnerability (CVE-2024-0519). An attacker can use this vulnerability to execute arbitrary code remotely. Please hurry up Confirm and patch.

3. Fortinet FortiOS and FortiProxy have high-risk security vulnerabilities (CVE-2024-21762)
   ● Researchers discovered that Fortinet FortiOS and FortiProxy have an Out-of-Bounds Write vulnerability (CVE-2024-21762), which allows an unauthenticated remote attacker to execute arbitrary code or Order. This vulnerability has been exploited by hackers, please confirm and patch it as soon as possible.

4. QNAP OS has a high-risk security vulnerability (CVE-2024-21899)
   ● Researchers have discovered that QNAP OS has an Improper Authentication vulnerability (CVE-2024-21899). Remote attackers can use this vulnerability to bypass identity authentication and gain system control. Please confirm and patch it as soon as possible.

Related Articles:
   ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1257/
   ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1254/ 
   ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1256/ 
   ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1258/

For more question about information security, please directly consult with Computer Center, at rogeryu@mail.ntust.edu.tw or applechang@mail.ntust.edu.tw

Click Num: