CyberScotland Bulletin

Technical Bulletin December 2022

The CyberScotland Technical Bulletin is designed to provide you with information about updates, exploits and countermeasures.

Please subscribe to our CyberScotland mailing list to be notified by email when a new bulletin is published.

Microsoft Patch Tuesday

December’s round of monthly patches has been released, and with it come fixes for 2 zero-day exploits and 49 other flaws.

The first of the zero-day exploits fixed was CVE-2022-44698, a Windows SmartScreen Security Feature Bypass. If exploited, it would allow an attacker to evade Mark of the Web defences, resulting in a loss of availability of security features such as Protected View in Microsoft Office applications.

The other zero-day exploit fixed in the recent patch is CVE-2022-44710, a DirectX Graphics Kernel Elevation of Privilege vulnerability. It has a CVSS score of 7.8 and would allow an attacker to gain SYSTEM privileges if exploited.

Android Security Patch

Google recently released its latest security patch while rolling out the new Android 13 update. The update patched over 75 known vulnerabilities including multiple critical remote code execution flaws.

The system vulnerabilities fixed in the latest patch were the most severe. Vulnerabilities such as CVE-2022-20411 could lead to remote code execution over Bluetooth with no execution privileges required.

Most of the security flaws fixed are high-severity flaws, with the most common variant being the escalation of privileges; this includes CVE-2022-20144.

Confirm your Android devices are running the security patch level of 2022-12-05 or newer. For more information, check the Android Security Bulletin.

Cisco warns of a severe flaw affecting IP phones firmware

Cisco has recently released a security advisory warning about a high-severity vulnerability affecting IP Phone 7800 and 8800 series firmware.

Cisco has stated that it is working on a patch to address this vulnerability, which is currently tracked as CVE-2022-20968 and has a CVSS score of 8.1. It originates from insufficient input validation of received Cisco Discovery Protocol packets. This could potentially be exploited by cybercriminals to achieve remote code execution or even cause a denial of service (DoS).

Cisco IP phones running firmware versions 14.2 and earlier are impacted, and the patch is expected to be released in January 2023.

CiSP – The Cyber Security Information Sharing Partnership

The Cyber Security Information Sharing Partnership (CiSP) is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment, increasing situational awareness and reducing the impact on UK […]


Scottish Information Sharing Network (SciNET Group)

SciNet is a community for Scottish businesses to engage on CiSP. The Cyber Security Information Sharing Partnership (CiSP) is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and […]

Early Warning Service

The NCSC provides a free service to organisations to inform them of threats against their network. This service will notify you of all cyber attacks detected by the feed suppliers against your organisation and is designed to complement your existing […]
Cyber and Fraud Centre – Scotland