Windows Server 2012: Unofficial 0patch fix for MoW 0-day vulnerability

Windows[German]ACROS Security has developed a fix for a previously unknown 0-day vulnerability in the Mark of the Web security feature of Windows Server 2012 and Server 2012 R2. The fix is available to customers via a 0patch micro-patch and enables the affected installations to be secured.


Advertising

Security researchers from ACROS Security have recently discovered a previously unknown 0-day vulnerability in Windows Server 2012 and Server 2012 R2. The vulnerability allows an attacker to bypass an enforced Mark of the Web security check for certain file types. This can be seen in the following tweet and the blog post Windows Server 2012 Mark of the Web Vulnerability (0day) – and Free Micropatches for it.

0patch 0-day fix

The analysis revealed that the vulnerability has existed undetected in Windows Server 2012 for over two years and has not yet been patched by Microsoft. According to Mitja Kolsek, the vulnerability is even present on fully updated servers with extended security updates.

ACROS Security has reported this problem to Microsoft and, as usual, issued micropatches for it. The micropatches can be used free of charge via the 0patch agent until Microsoft has provided an official update. ACROS Security does not disclose the details of the vulnerability, but provides some further information in the linked blog post. Micropatches have been provided for the following operating systems:

  • Windows Server 2012 updated until October 2023
  • Windows Server 2012 R2 updated until October 2023

There is also the micropatch for Windows versions that still receive Windows updates (Windows Server 2012 with ESU).


Advertising

Similar articles:
0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674
0patch: Fix for Windows Installer flaw CVE-2020-0683
0patch fix for Windows GDI+ vulnerability CVE-2020-0881
0-day vulnerability in Windows Adobe Type Library
0patch fixes CVE-2020-0687 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1048 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1015 in Windows 7/Server 2008 R2
0patch for 0-day RCE vulnerability in Zoom for Windows
Windows Server 2008 R2: 0patch fixes SIGRed vulnerability
0patch fixes CVE-2020-1113 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1337 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1530 in Windows 7/Server 2008 R2
0patch fixes Zerologon (CVE-2020-1472) vulnerability in Windows Server 2008 R2
0patch fixes CVE-2020-1062 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1300 in Windows 7/Server 2008 R2
0patch fixes 0-day vulnerability in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1013 in Windows 7/Server 2008 R2
0patch fixes a Local Privilege Escalation 0-day in Sysinternals PsExec
0patch fixes Windows Installer 0-day Local Privilege Escalation vulnerability
0patch fixes 0-day in Internet Explorer
0patch fixes CVE-2021-26877 in the DNS server of Windows Server 2008 R2
0patch fixes Windows Installer LPE-Bug (CVE-2021-26415)
0Patch provides support for Windows 10 version 1809 after EOL
Windows 10 V180x: 0Patch fixes IE vulnerability CVE-2021-31959
0Patch Micropatches for PrintNightmare Vulnerability (CVE-2021-34527)
0patch fix for new Windows PrintNightmare 0-day vulnerability (Aug. 5, 2021)
0patch fix for Windows PetitPotam 0-day vulnerability (Aug. 6, 2021)
2nd 0patch fix for Windows PetitPotam 0-day vulnerability (Aug. 19, 2021)
Windows 10: 0patch fix for MSHTML vulnerability (CVE-2021-40444)
0patch fixes LPE Vulnerability (CVE-2021-34484) in Windows User Profile Service
0patch fixes LPE vulnerability (CVE-2021-24084) in Mobile Device Management Service
0patch fixes InstallerTakeOver LPE 0-day vulnerability in Windows
0patch fixes ms-officecmd RCE vulnerability in Windows
0patch fixes RemotePotato0 vulnerability in Windows
0patch fixes again vulnerability CVE-2021-34484 in Windows 10/Server 2019
0Patch fixes vulnerabilities (CVE-2022-26809 and CVE-2022-22019) in Windows
Windows MSDT 0-day vulnerability "DogWalk" receives 0patch fix
0patch fixes all known and exploitable Windows NTLM/Kerberos vulnerabilities
0patch fixes Memory Corruption vulnerability (CVE-2022-35742) in Microsoft Outlook 2010
Windows 7/Server 2008 R2 receive 0patch micropatches in 2023 and 2024
Windows: 0Patch Micropatch for MOTOW ZIP file bug (0-day, no CVE)
Windows: 0Patch micropatch for MotW bypassing 0-day (no CVE)
0patch Micropatches for Microsoft Office security feature bypass (CVE-2023-33150)


Advertising

This entry was posted in ios, Security, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).