BEWARE OF RESISTANT CYBERSECURITY THREATS

 

Resistant cybersecurity attacks are more serious issues, as if cybersecurity threats weren't already a headache enough. Patches are made available to secure a digital system whenever a flaw is found. However, sometimes a virus cure doesn't function as intended or can result in additional issues, much like in contemporary medicine. That happened when Microsoft released two security updates to patch some known security holes in their operating system.

First, let's talk about the Windows Mobile Device Management Information Disclosure Vulnerability (CVE-2021-24084). If properly abused, this vulnerability, which was first discovered in October 2020 by security researcher Abdelhamid Naceri, would allow a hacker to read files from a system.  Beginning in February 2021, Microsoft attempted to fix the issue. Naceri later demonstrated that the patch was ineffective and actually made the system more vulnerable, giving hackers access to run malicious code and gain administrator rights. A whopping 14 months later, in December 2021, Microsoft finally released a second comprehensive security patch for CVE-2021-24084. If it worked, we won't know for sure until later.

The Windows Installer Elevation of Privilege Vulnerability (CVE-2021-41379), on the other hand, allows for the acquisition of administrator privileges by attackers if properly exploited. Once more, Microsoft believed CVE-2021-41379 had been fixed after being patched in November 2021, but this was false. The evidence from Naceri shows that the vulnerability is still open to attack. Microsoft has not updated the patch, and it will remain vulnerable until the end of December 2021.

As cybercrime becomes more profitable, systems and networks are increasingly attractive targets for hackers. These cybercriminals often exploit zero-day threats, taking advantage of unknown security gaps to cause maximum damage before defenses can catch up.

A false sense of security can make these problems worse. With so many variables and potential vulnerabilities, hackers have numerous ways to exploit weaknesses. That’s why it's so challenging to stay ahead in cybersecurity. Keeping defenses up to date and developing patches for new threats is a constant battle, requiring the collaborative efforts of cybersecurity experts and organizations across the industry.

Read More on About Resistant CyberSecurity Threats