A critical flaw in Windows-powered datacenters and applications, which Microsoft fixed in mid-2022, remains unpatched in almost all vulnerable endpoints, putting countless users at risk of different malware, or even ransomware, attacks.
Cybersecurity researchers from Akamai published a proof-of-concept (PoC) for the flaw, and determined the high percentage of yet unfixed devices.
The vulnerability Akamai is referring to is CVE-2022-34689, a Windows CryptoAPI spoofing vulnerability that allows threat actors to authenticate, or sign code, as the targeted certificate. In other words, threat actors can use the flaw to pretend to be another app or OS and have those apps run without raising any alarms.
Ignoring the patch
“We found that fewer than one percent of visible devices in data centers are patched, rendering the rest unprotected from exploitation of this vulnerability,” Akamai researchers said.
Speaking to The Register, the researchers confirmed that 99% of endpoints were unpatched, but that doesn’t necessarily have to mean they’re vulnerable – there still needs to be a vulnerable app for the attackers to exploit.
The flaw was given a 7.5 severity score, and labeled as “critical”. Microsoft released a patch in October 2022, but few users have applied it yet.
“So far, we found that old versions of Chrome (v48 and earlier) and Chromium-based applications can be exploited,” the researchers said. “We believe there are more vulnerable targets in the wild and our research is still ongoing.”
When Microsoft originally patched the flaw, it said that there was no evidence of the vulnerability being exploited in the wild. However, now with the PoC publicly available, it’s safe to assume that different threat actors will start hunting for vulnerable endpoints (opens in new tab). After all, the methodology has been given to them on a silver platter, all they need to do is find a victim.
Via: The Register (opens in new tab)
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba