Patches released for one high severity bug?so far, CVE-2021-34514?
OTTAWA, ON, Aug. 12, 2021 /PRNewswire/ — ?Field Effect, a global cyber security company specializing in intelligence-grade protection for small and mid-sized businesses, recommends Microsoft Windows users take fast action to make updates following the discovery of a tranche of critical zero-day security vulnerabilities by the company’s security research team.?The vulnerabilities — in Windows Vista/Server 2008 and above — could be exploited to gain kernel-level privilege to facilitate ransomware or other serious cyber attacks. The first of these vulnerabilities was recently patched by Microsoft.
After Field Effect responsibly disclosed its research findings to Microsoft in early?May 2021,?Microsoft issued patches for?the first vulnerability?CVE-2021-34514, in its?Patch Tuesday update on July 13, 2021.?CVE-2021-34514 has a high severity score of CVSS: 3.0 score 7.8.?Patches for the remaining vulnerabilities will be scheduled by Microsoft?in the fall.?
"The potential impact from these native?kernel privilege escalation vulnerabilities, if exploited, would?be similar to?upgrading an attacker’s weaponry from a tank to a nuclear weapon," said Matt Holland, Founder, CEO, and CTO of Field Effect. "Once attackers have?access to the kernel,?they?can bypass traditional security controls and move deeply into operating systems, applications, and more. The attack scenarios are limitless with this level of access and control."
The?CVE-2021-34514?vulnerability?was?discovered?by Erik?Egsgard,?Field Effect’s principal security?researcher. It is a race condition vulnerability and resides in the Advanced Local Procedure Call (ALPC) facility of the Windows kernel (ntoskrnl.exe). ALPC was introduced with
Windows Vista, which was released in 2007. Field Effect has confirmed that the vulnerability has been present since then, making almost every computer running Windows in the world vulnerable.
Patches issued for CVE-2021-34514 also included 19?for Windows 10 and two for Windows 7 versions, as well as associated Windows Server versions.?Windows 7, no longer supported by Microsoft but known to be?the?second most popular Windows operating system, is?still running on an estimated 100 million PCs.?Outdated operating systems?have been shown to be?more vulnerable to cyber threats,?enabling?cyber criminals to take advantage of security gaps and launch attacks.
Today’s news underscores the importance of keeping software and systems updated and prioritizing security. At Field Effect, more than 50% of the company’s revenue is invested in R&D to continually support innovation for its cyber security products and services. As a result, Field Effect customers using the company’s Covalence threat monitoring, detection, blocking, and response (MDR) solution, are protected from these vulnerabilities.
"This vulnerability, along with others, were discovered over a one-week period while doing R&D for Covalence, our MDR solution. This is a testament to the deep expertise of our threat intelligence team, operating with an attacker’s mindset," said Holland. "We continuously push the limits on attacker techniques and methodologies and build counter-measures right into our products and services, ensuring our clients are fully protected. This ensures that Covalence is always ready for when actual attackers discover and weaponize these techniques."
To download the CVE-2021-34514 patches, access the Microsoft Security Update Guide?here. ?
About Field Effect
Field Effect believes businesses of all sizes deserve powerful cyber security solutions to protect them. The company’s threat monitoring and protection, incident response, security training, and consulting services are the result of years?of?research and development?by?the brightest talents in the cyber security industry.?For more?information, visit www.fieldeffect.com.?
Media contact: Jane Harwood, Director of Marketing, Field Effect, 506-378-0177, [email protected]