Weekly threat roundup: SAP, Windows 10, Chrome

Pulling together the most dangerous and pressing flaws that businesses need to patch

Patch management is far easier said than done, and security teams may often be forced into prioritising fixes for several business-critical systems, all released at once. It’s become typical, for example, to expect dozens of patches to be released on Microsoft’s Patch Tuesday, with other vendors also routinely getting in on the act.

Below, IT Pro has collated the most pressing disclosures from the last seven days, including details such as a summary of the exploit mechanism, and whether the vulnerability is being exploited in the wild. This is in order to give teams a sense of which bugs and flaws might pose the most dangerous immediate security risks.

SAP exploit grants root access to corporate servers

Bicycles outside the SAP offices

Hackers can take advantage of a fully-functional exploit that abuses a vulnerability in the SAP Solution Manager. Tracked as CVE-2020-6207, this flaw is a missing authentication check in EEM Manager, a component of the Solution Manager, and is rated a perfect 10/10 on the CVSS threat scale.

Solution Manager is an administrative system used in all SAP environments and centralises the management of all SAP and non-SAP systems within the SAP landscape. By exploiting this flaw, cyber criminals can gain root access to enterprise servers, and access mission-critical applications, business processes and data. They’ll need access to the Solution Manager HTTP(s) port, and can execute the exploit remotely.

Onapsis previously identified this flaw in 2020 and demonstrated at the Black Hat conference how it could be chained with two other flaws to give remote attackers root access. SAP issued a patch for the flaw in March of last year. Onapsis, however, has continued to scan for activity in the wild and have encountered this new exploit published by a Russian researcher on Github.

Unpatched Windows 10 flaw can corrupt your hard drive

Plasters over a hard disc drive to symbolise patch management

Microsoft is working on a fix for a “nasty” vulnerability in Windows 10 that can corrupt users’ hard drives. It can be triggered by opening a specially crafted file name inserted in any folder, according to the Verge, and has apparently existed in Windows for several years.

The vulnerability was flagged by security researcher Jonas L, and corroborated by vulnerability analyst Will Dormann. He suggested the problem seems to have been introduced with Windows 10 version 1803, and that he had reported a similar issue to Microsoft almost two years ago. 

The flaw poses a security risk, given it’s possible for an attacker to hide a specially crafted line inside a ZIP folder, for instance, or even a shortcut. When this specific path is opened, the vulnerability will present a message claiming that your hard drive is corrupted. Microsoft confirmed to the Verge that a fix for this bug will be published in a future Windows update.

Flaws in DNS software can be chained to devastating effect

An Android smartphone laid flat on a surface beside a model of the Android mascot

Seven vulnerabilities have been discovered in DNSMasq, software used for domain name system (DNS) caching and IP address assignment, which can be exploited by attackers to mount DNS spoofing attacks, or compromise networking devices.

Researchers with JSOF have found three bugs that allow DNS spoofing and four buffer overflow flaws, the worst of which can lead to the execution of arbitrary code remotely on a vulnerable device. The vulnerable DNSMasq software is used in Cisco routers, Android phones, Aruba devices, as well as systems built by Technicolor, Red Hat, Siemens, Ubiquiti networks, Comcast, and others.

While each of these vulnerabilities has a limited impact in isolation, the researchers found that these can be combined in chained in certain ways to build extremely effective multi-staged attacks. While there are several minor workarounds available, the only full mitigation is for manufacturers to update DNSMasq to version 2.83 or above.

RCE exploit fixed in Google Chrome

The Chrome app on a mobile phone

Google has released a Chrome browser update addressing a number of flaws including a critical vulnerability tracked as CVE-2021-21117. This is the most severe of the 36 fixes and centres on ‘insufficient policy enforcement in Cryptohome’.

This bug can be successfully exploited by an attacker to execute arbitrary code remotely. Attackers would be able to view, change, or delete data depending on the privileges associated with the browser, meaning it can be partially mitigated if the application is configured with weaker administrative rights.

These 36 security fixes have been bundled with version 88.0.4324.96 of Chrome, which also includes a tool which users can deploy to check whether their passwords should be strengthened. The feature makes it easier to fix weaker passwords by scanning various combinations held in the Chrome password manager and highlighting the weakest links.

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

Recommended

Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
Cyber attacks against organizations increasing as more staff work from home
cyber security

Cyber attacks against organizations increasing as more staff work from home

17 May 2021
What is phishing?
phishing

What is phishing?

17 May 2021
Cisco to acquire threat intelligence provider Kenna Security
Acquisition

Cisco to acquire threat intelligence provider Kenna Security

14 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021