Microsoft’s cybersecurity defenses were easily broken by Black Basta on zero-day
The gang exploited CVE-2024-26169, which allows escalation to SYSTEM privileges.
Published on June 13, 2024
In cybersecurity, it sometimes looks as if a game of cat and mouse is being played. The Black Basta ransomware gang appears to have outwitted Microsoft by using an unpatched vulnerability in the Windows Error Reporting Service (CVE-2024-26169).
This flaw let attackers escalate their privileges to the SYSTEM level, meaning they could potentially take control of everything on the system. Microsoft patched the flaw in March, but not before Black Basta had taken advantage of it.
Symantec's threat hunters have assembled evidence suggesting the exploit was used in the wild as a zero-day, meaning the vulnerability was exploited before the vendor released a patch.
The exploit takes advantage of an oddity in how Windows manages registry keys, which gives attackers full administrative rights. The interesting part is the timing: Symantec discovered versions of this exploit that have timestamps prior to Microsoft’s patch – one even going back to December 2023.
While timestamps can be changed, the lack of any motivation to alter them in this case supports the idea that Black Basta had the exploit early.
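The timestamp comparison described above can be reproduced on any Windows executable by reading the linker timestamp from its PE header. The following is an added example, not code from the article or from Symantec; the function names, the March 1, 2024 cutoff (chosen because the article only says "March") and the sample headers are assumptions constructed for illustration.

```python
import struct
from datetime import datetime, timezone
from typing import Optional

# Assumed conservative cutoff: the article only says the fix shipped in March (2024),
# so anything stamped before March 1 predates it whichever day it was released.
PATCH_CUTOFF = datetime(2024, 3, 1, tzinfo=timezone.utc)

def pe_compile_time(data: bytes) -> Optional[datetime]:
    """Return the COFF TimeDateStamp of a PE image as UTC, or None if it is blank."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of "PE\0\0"
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header after the signature: Machine(2), NumberOfSections(2), TimeDateStamp(4)
    (stamp,) = struct.unpack_from("<I", data, e_lfanew + 8)
    if stamp in (0, 0xFFFFFFFF):
        return None
    return datetime.fromtimestamp(stamp, tz=timezone.utc)

def classify(data: bytes, cutoff: datetime = PATCH_CUTOFF,
             now: Optional[datetime] = None) -> str:
    """Label a sample by its linker timestamp relative to the patch cutoff."""
    now = now or datetime.now(timezone.utc)
    ts = pe_compile_time(data)
    if ts is None:
        return "no-timestamp"
    # Future or pre-2000 values usually mean a wiped, forged or hash-derived
    # (reproducible build) field rather than a real build time.
    if ts > now or ts.year < 2000:
        return "implausible"
    # The field is attacker-controlled, so this is supporting evidence only.
    return "predates-patch" if ts < cutoff else "after-patch"

def sample_pe(stamp: int) -> bytes:
    """Constructed minimal MZ/PE header stub carrying the given timestamp."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, stamp, 0, 0, 0, 0)
    return dos + b"PE\0\0" + coff

if __name__ == "__main__":
    # Constructed timestamp in December 2023, not the real sample's value.
    dec_2023 = int(datetime(2023, 12, 15, tzinfo=timezone.utc).timestamp())
    print(classify(sample_pe(dec_2023)))
```

A "predates-patch" result is only meaningful alongside other evidence such as first-seen dates in telemetry, since the header field can be set to any value.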
This is not just a story about a single vulnerability. It is an introduction to the strategies of modern ransomware gangs. Black Basta may have a connection with the well-known Conti group, and its skill in using zero-days shows how the threat continues to evolve.
Windows encourages organizations to apply the most recent security updates and follow the guidance of cybersecurity agencies like CISA to protect against these types of threats.
But what does this mean for us users? It's a clear message that we need to keep our systems updated. Sometimes, it's tempting to ignore those annoying notifications about updates, but as the Black Basta campaign shows us, being too relaxed can come with a high price.
Therefore, when you encounter an update notification in the future, perhaps reconsider before choosing "remind me later." Ultimately, in this era of technological advancement and digital life, we all share the duty of guarding against malicious actors.
In other news, Microsoft fixed 51 CVEs with this month's Patch Tuesday updates, so you should update your Windows 11 to the latest version as soon as possible.
Flavius Floare
Tech Journalist
Flavius is a writer and a media content producer with a particular interest in technology, gaming, media, film and storytelling.
He’s always curious and ready to take on everything new in the tech world, covering Microsoft’s products on a daily basis. The passion for gaming and hardware feeds his journalistic approach, making him a great researcher and news writer that’s always ready to bring you the bleeding edge!