Microsoft is investigating a security issue that could reveal users’ passwords

Microsoft has reported a security issue in Outlook that occurs after installing the security updates released in December. Tracked as CVE-2023-35636, the issue is classified as important and could allow the disclosure of NTLM hashes (the hashed form in which passwords are stored on devices), although its exploitation by cybercriminals is unlikely.

According to Windows Report, the error occurs when clicking on a .ICS file, displaying the following message: “Microsoft Office has identified a potential security concern. This location may not be safe.” However, the security warning or vulnerability itself does not pose a threat unless you open a specific file from an attacker.

Microsoft has also published a recommendation on how to stop receiving this message by changing a registry key. To do this, users must open the Registry Editor (by searching for it in the search bar) and go to the following path (without the quotes): “HKEY_CURRENT_USER\software\policies\microsoft\office\16.0\common\security”. Once there, they must look for the DWORD “DisableHyperlinkWarning” and change its value to 1.

However, it should be noted that by changing this DWORD in the registry, all security warnings from Microsoft Office will be disabled, not just those for .ICS files. Microsoft is aware of this issue and claims that it will be fixed in a future update.
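Because the workaround above switches off more than the .ICS prompt, an administrator may want to know where it has been applied. The PowerShell script below is an added example, not Microsoft's code: it checks every loaded user hive for the value and can remove it again. The `-Revert` switch name is an assumption of this example, the script only sees users whose hives are currently loaded, and it should be run elevated.

```powershell
# Added example: audit (and optionally revert) the DisableHyperlinkWarning workaround.
# Assumption: run elevated so that other users' loaded hives under HKEY_USERS are readable.
param(
    [switch]$Revert   # hypothetical switch name: delete the value wherever it equals 1
)

$subKey    = 'software\policies\microsoft\office\16.0\common\security'
$valueName = 'DisableHyperlinkWarning'

# Loaded user hives appear under HKEY_USERS keyed by SID; the regex skips
# built-in accounts (S-1-5-18 etc.) and the *_Classes hives.
$hives = Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' }

$findings = foreach ($hive in $hives) {
    $sid  = $hive.PSChildName
    $path = "Registry::HKEY_USERS\$sid\$subKey"

    $prop = Get-ItemProperty -Path $path -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) { continue }   # key or value absent: the policy value is not set

    # Resolve the SID to an account name; fall back to the raw SID if that fails.
    try {
        $account = (New-Object System.Security.Principal.SecurityIdentifier($sid)).
            Translate([System.Security.Principal.NTAccount]).Value
    } catch {
        $account = $sid
    }

    $value  = $prop.$valueName
    $action = 'none'
    if ($Revert -and $value -eq 1) {
        Remove-ItemProperty -Path $path -Name $valueName
        $action = 'removed'
    }

    [pscustomobject]@{
        Account          = $account
        Value            = $value
        WarningsDisabled = ($value -eq 1)
        Action           = $action
    }
}

if ($findings) { $findings | Format-Table -AutoSize }
else           { 'No loaded user hive has DisableHyperlinkWarning set.' }
```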

Cisco detects serious vulnerabilities in OAS

Don’t worry if you don’t know what OAS is. Or you do. OAS (Open Automation Software) is a platform widely used in industrial operations and large-scale business environments, so it’s not necessarily going to affect you directly. Unless you’re Elon Musk, of course. With cross-platform access and integration capabilities, a vulnerability in this system can be catastrophic on several levels, and that is exactly what Cisco has detected.

A few days ago, researchers from Talos (a cybersecurity company that is a subsidiary of Cisco) disclosed a total of eight vulnerabilities found in the OAS engine management system, the functionality that allows users to save configurations to disk and install them on other devices. Three of these vulnerabilities have been rated as highly severe.

A great danger for the platform

The most important vulnerabilities found are CVE-2023-31242 and CVE-2023-34998, two authentication flaws that can be exploited relatively easily through requests designed specifically for that purpose. An attacker could send a request to check whether unauthenticated access is possible and then create new users, change configurations, and potentially gain access to the entire system.

Another major vulnerability would allow an attacker to get hold of administrator credentials and use them for their own purposes. The attacker could thus gain direct access to profile creation and, likewise, access to the entire system.

Cisco has already warned that there is another vulnerability that also allows the system to be taken over, although this time through a validation bug in the user creation functionality.

Fortunately, all these vulnerabilities were found by Cisco and not by an attacker, so the security flaws are being quickly fixed and by version 19,000,000 will have been fully corrected.